Connection Problems

  • Comments posted to this topic are about the item Connection Problems

  • Very good scenario based question.

    M&M

  • Good Question.

    Thanks.

  • Good question.

    🙂

  • Great question, thanks!

    Need an answer? No, you need a question
    My blog at https://sqlkover.com.
    MCSE Business Intelligence - Microsoft Data Platform MVP

  • Thank you very much for this question and scenario--and for the update regarding the sp_change_users_login stored procedure.

    Regards,

    Michael

  • This is an old problem with sql2000 too: restoring a database on a different instance, logins to database become invalid.

    The solution is create login on the restoring instance with the same sid of the source instance

    See here: http://msdn.microsoft.com/en-us/library/ms189751.aspx

    CREATE LOGIN loginName { WITH <option_list1> | FROM <sources> }

    <option_list1> ::=

    PASSWORD = { 'password' | hashed_password HASHED } [ MUST_CHANGE ]

    [ , <option_list2> [ ,... ] ]

    <option_list2> ::=

    SID = sid | DEFAULT_DATABASE = database

    | DEFAULT_LANGUAGE = language

    | CHECK_EXPIRATION = { ON | OFF}

    | CHECK_POLICY = { ON | OFF}

    | CREDENTIAL = credential_name

    <sources> ::=

    WINDOWS [ WITH <windows_options>[ ,... ] ]

    | CERTIFICATE certname

    | ASYMMETRIC KEY asym_key_name

    <windows_options> ::=

    DEFAULT_DATABASE = database

    | DEFAULT_LANGUAGE = language

  • Exactly a scenario that happens in our environments. Thanks for the question!

    Ronald HensbergenHelp us, help yourself... Post data so we can read and use it: http://www.sqlservercentral.com/articles/Best+Practices/61537/-------------------------------------------------------------------------2+2=5 for significant large values of 2

  • Thanks for the kind comments everyone - this was my first question, so it's good to get a positive response!

    And thanks Carlo for the extra information - I wasn't previously aware you could do that.

  • I always use sp_change_users_login in these circumstances, so had to pick an answer at random, luckily I got the right one :).

    I wonder why they are withrawing this procedure? Anyone know if the replacement command does all the security checking that the procedure does?

  • What security checking does sp_change_users_login do?

    All it does is map a database user with a login. BOL says nothing about any security checking.

  • sp_helptext[sp_change_users_login] will reveal all 🙂

  • Nice question, but very easy indeed for those of us who have been moving databases from server to server for more than a decade.

    Tom

  • Toreador (2/7/2011)


    sp_helptext[sp_change_users_login] will reveal all 🙂

    Presumably the permissions on ALTER USER will perform the required security checks on whether the user has permission to perform the action. The sp_change_users_login does seem to do quite a lot, but apart from listing the orphaned users in a database it should be possible to do everything with CREATE LOGIN and ALTER USER.

  • Nils Gustav Stråbø (2/7/2011)


    What security checking does sp_change_users_login do?

    All it does is map a database user with a login. BOL says nothing about any security checking.

    It does some checks on the user that is running the procedure. If it's not a member of the db_owner group it won't let you report or update one, and if the user isn't a member of sysadmin it won't let you auto fix.

Viewing 15 posts - 1 through 15 (of 40 total)

You must be logged in to reply to this topic. Login to reply