SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


When DB restored to different server will database mapping and permissions stay?


When DB restored to different server will database mapping and permissions stay?

Author
Message
UncleBoris
UncleBoris
SSC-Enthusiastic
SSC-Enthusiastic (173 reputation)SSC-Enthusiastic (173 reputation)SSC-Enthusiastic (173 reputation)SSC-Enthusiastic (173 reputation)SSC-Enthusiastic (173 reputation)SSC-Enthusiastic (173 reputation)SSC-Enthusiastic (173 reputation)SSC-Enthusiastic (173 reputation)

Group: General Forum Members
Points: 173 Visits: 730
On Server A I have a database the is overwritten daily by a database on another server [Server B]

After the first restore I map a group called "DOM\Reporting" to the database on Server A and assign read only permissions.

The restored database comes from Server B, this server does not contain an NT Group called "DOM\Reporting".

So when I restore the database mapping has gone.

I know when a SQL Account is used the accounts may need to be synced but I suppose I thought in the case using NT Authentication the security would sync between the Server Level acocunts and the database on restoring...it does not look like this is the case.

So if I am correct would I either have to add the NTGroup to Server B with ReadOnly permissions so they gets transferred, and nothing extra required, or would I have to run a script to map the user to the restored database again and add the permissions -- every time the database is restored.

Ideally I do not want to give the group "DOM\Reporting" any permissions to Server B.

Hopefully I have explained it clear but please let me know if I have not.

thanks for any help.
happycat59
happycat59
SSCarpal Tunnel
SSCarpal Tunnel (4.7K reputation)SSCarpal Tunnel (4.7K reputation)SSCarpal Tunnel (4.7K reputation)SSCarpal Tunnel (4.7K reputation)SSCarpal Tunnel (4.7K reputation)SSCarpal Tunnel (4.7K reputation)SSCarpal Tunnel (4.7K reputation)SSCarpal Tunnel (4.7K reputation)

Group: General Forum Members
Points: 4735 Visits: 3215
Database mappings are actually relationships between the syslogins table in the master database and sysusers table in the user database. If there is no record for a Windows user or group in the database when you restore it, then the user or group does not get any permissions and appears as though there is no mapping.

Your thinking is correct - you either add the group to the database on serverB or run a script to add the user to the database after it has been restored to serverA.



Perry Whittle
Perry Whittle
SSCoach
SSCoach (19K reputation)SSCoach (19K reputation)SSCoach (19K reputation)SSCoach (19K reputation)SSCoach (19K reputation)SSCoach (19K reputation)SSCoach (19K reputation)SSCoach (19K reputation)

Group: General Forum Members
Points: 19850 Visits: 17242
happycat59 (2/17/2013)
Database mappings are actually relationships between the syslogins table in the master database and sysusers table in the user database.

Note that the correct catalogs now are

sys.server_principals for server level logins
sys.database_principals for database users
sys.database_permissions for database user permissions
sys.database_role_members for database user role membership

-----------------------------------------------------------------------------------------------------------

"Ya can't make an omelette without breaking just a few eggs" ;-)
MMartin1
MMartin1
SSCrazy
SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)SSCrazy (2.7K reputation)

Group: General Forum Members
Points: 2745 Visits: 2031
Where you trying to move the data using a linked server connection? You can map the SQL logins in this way using ( I don't mean the Windows logins).

----------------------------------------------------
How to post forum questions to get the best help
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search