SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


SQLCMD problems


SQLCMD problems

Author
Message
schleep
schleep
Ten Centuries
Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)

Group: General Forum Members
Points: 1008 Visits: 1326
What I'm trying to accomplish is to write network logons / logoffs to a SQL server.

We've set up a group policy on the OU, and want to call SQLCMD to write the info to a table. Sounds simple enough. We have logon.cmd and logoff.cmd which set the parameters and call SQLCMD.

I'm trying to call a local copy of SQLCMD.exe -- we don't want users having access to the C:\Program Files\... -- and getting various errors:

- if I call SQLCMD v. 2009.100.2500.0, I get SQLCMD is not a valid Win32 app.
- if I call SQLCMD v. 2009.100.1600.0, I get BatchParser.dll (2009.100.1600.1) is not a valid Windows image

We're using SQL 2008 R2 sp1 on a Win2008 R2 sp1 box.

How can I make this work?

Thanks



John Mitchell-245523
John Mitchell-245523
SSChampion
SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)

Group: General Forum Members
Points: 13974 Visits: 15937
I don't think it'll work if you just lift sqlcmd.exe and copy it somewhere else. It needs access to all sorts of DLLs and other stuff. Why can't you just create a desktop shortcut to the file in the prohibited folder?

John
schleep
schleep
Ten Centuries
Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)

Group: General Forum Members
Points: 1008 Visits: 1326
"...just create a desktop shortcut to the file in the prohibited folder?"

I'm sorry, I don't follow.

The logon/logoff.cmd files called by the policy are sitting on the SQL Server in question, and should be calling SQLCMD on that server, no?



John Mitchell-245523
John Mitchell-245523
SSChampion
SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)

Group: General Forum Members
Points: 13974 Visits: 15937
OK, I didn't quite understand first time. You have these two .cmd files that are triggered automatically whenever a logon or logoff event occurs (presumably on AD) - is that right? If that's the case, no users need to go anywhere near sqlcmd.exe or the .cmd files, do they?

John
schleep
schleep
Ten Centuries
Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)

Group: General Forum Members
Points: 1008 Visits: 1326
Yes, that's correct, they're fired by AD group policy.

So yes, I don't think the .cmds are called in the users' context. In fact, they would likely be running under a domain admin account... so privs shouldn't be an issue, right?

Going to work w/ my domain admin, I'll get back to you if still unresolved.



schleep
schleep
Ten Centuries
Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)

Group: General Forum Members
Points: 1008 Visits: 1326
Still no joy.

Maybe we're going about this the wrong way.

Let me back up: A Group policy is set, and what we want to happen is
1) A user logs into domain
2) A row is inserted in a SQL Server database table on same domain in realtime. User does not necessarily have access to SQL Server.

Any suggestions? We're about to revert to the tried and true parsing of logs....

P



John Mitchell-245523
John Mitchell-245523
SSChampion
SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)SSChampion (13K reputation)

Group: General Forum Members
Points: 13974 Visits: 15937
You haven't said what exactly isn't working. I suspect that your problem is how to fire triggers from events in AD. If that's the case, you'd be better off posting on a more suitable forum.

John
schleep
schleep
Ten Centuries
Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)

Group: General Forum Members
Points: 1008 Visits: 1326
What isn't working is getting SQLCMD to run in the context of the user that's login in/out.
I had assumed that the policy would execute under a system/admin account.

But you're right, I'll seek help in more appropriate fora.

Thanks John.



Perry Whittle
Perry Whittle
SSCoach
SSCoach (19K reputation)SSCoach (19K reputation)SSCoach (19K reputation)SSCoach (19K reputation)SSCoach (19K reputation)SSCoach (19K reputation)SSCoach (19K reputation)SSCoach (19K reputation)

Group: General Forum Members
Points: 19760 Visits: 17242
schleep (1/22/2014)
What isn't working is getting SQLCMD to run in the context of the user that's login in/out.
I had assumed that the policy would execute under a system/admin account.

But you're right, I'll seek help in more appropriate fora.

Thanks John.


Embed the query in a SP and create the stored proc with execute as owner, that way it wont care who executes it ;-)

-----------------------------------------------------------------------------------------------------------

"Ya can't make an omelette without breaking just a few eggs" ;-)
paul.knibbs
paul.knibbs
SSCrazy
SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)SSCrazy (2.5K reputation)

Group: General Forum Members
Points: 2517 Visits: 6232
schleep (1/22/2014)
What isn't working is getting SQLCMD to run in the context of the user that's login in/out.
I had assumed that the policy would execute under a system/admin account.


If you're doing it via a conventional login script, then no, that doesn't execute as a sysadmin account--it wouldn't be terribly useful if it *did*, because login scripts are supposed to do stuff that's specific to the user logging in, not some random admin user. This is probably why it's not working.
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search