Home Forums SQL Server 2008 SQL Server 2008 - General Newbie (Know-nothing-bie:) Needs Urgent Assistance with SQLExpress RE: Newbie (Know-nothing-bie:) Needs Urgent Assistance with SQLExpress

  • April 1, 2013 at 8:14 am

    #1602459

    I'll throw my 2 cents in.

    Create an instance of SQL Server Express Edition in a version equal to or greater than the one used to take the backup. If it was on SQL Server 2005 EE, use that or above, maybe SQL Server 2008 EE.

    If you have a .bak file (recent one), you can do a restore it to an instance and it should restore just fine, as long as you have the same or higher version of SQL Server that was used to take the backup. Just make sure you save the data and log files that make up the database on appropriate disks and in appropriate directories. This can be set in the RESTORE screens of Management Studio, when you right click "Databases" and choose "Restore Database". Once you set the database name and choose the .bak file for the database, choose the Options page (on the left side of the form) and change where the actual data and log files will be saved. If you aren't that familiar with how backups work, SQL Server jumbles all the data and log files into the .bak. When you restore that file, it reconstitutes the files back into individual files, and you can change where it puts them, and their names for that matter.

    The other issue is that the restore will restore the database with all the permissions, but the login (if it is SQL Server Authentication, as opposed to Windows Authentication for using the database) is assigned a specific SID (Security ID). This SID is specific to this user for this database, and the login associated with it must have the same login. If the SIDs match up, the permissions will be exactly as they were on the old server.

    Once you get the old database restored, try this to see if it will trick it into using the same sid for the user. First, get the SID for the desired user from a listing of the database principals from inside the database. Then, once it gives you the SID for that user, replace that SID value in the CREATE LOGIN statement and give it a password, and it should (SHOULD) create a new login with the same sid so that the permissions will work from the database.

    Here are the statements to do this:

    --Get the users of the database, and whether they are SQL_USER or WINDOWS_USER, and their SID

    SELECT * FROM <databasename>.sys.database_principals

    -- then use the SID from the above statement results for the proper user and change the stuff with the <> brackets to create an instance user with the same sid.

    CREATE LOGIN [<username>] WITH PASSWORD = '<somepassword>', SID = <sid from the select above>, DEFAULT_DATABASE = [<new database name>], CHECK_POLICY = OFF, CHECK_EXPIRATION = OFF

    Hopefully, this will create the desired login, with the appropriate sid to keep the permissions in the database. This scheme, as it is, will only work for SQL Server authenticated users. If Windows users and it is on the same domain, just create a Windows Authenticated login for that user and it will use the same sid as the Windows user in the domain.

    You will need to use the same password, if known, that the program is using. Since the old server is not available, you can't script out the logins with the proper sid and password hash (which is a weekly DR procedure for me for all my instances that I am responsible for).

    Hopefully, this will give you the same permissions for the given user (I have not tested, but SHOULD work). Definitely worth a shot.

    Hope it helps. Please let us know.