Dreaded "SQL Server does not exist or access denied. " Error

I have built a web application that runs on my local web server against my local SQL server and my development server, but now I'm trying to get it to work on the live server and I'm not getting a connection. Whenever I try to open the connection, I get a.

SQL Server does not exist or access denied.

error.

Here is my connection string...

Public connString as string

Dim SQLServerAsString = "xxx.xx.xx.xxx"

connString = "server=" & SQLServer & ";" _

& "database=DBName;Trusted_Connection=No;user id=xxxID;password=xxxPassword;"

myConnection2 =New SqlClient.SqlConnection(connString)

------------------

I'm starting my connection to run a datareader this way...

Dim strSQLAsString

strSQL = "SELECT ClientID, ClientName " & _

"FROM Client; "

' Create a connection to the table in the SQL database located on

' the remote computer.

Dim myCommand2AsNew SqlClient.SqlCommand(strSQL, myConnection2)

myCommand2.CommandTimeout = 1200

myConnection2.Open() 'HERE IS WHERE THE ERROR OCCURS

Dim myReaderAs SqlClient.SqlDataReader = myCommand2.ExecuteReader(CommandBehavior.CloseConnection)

While myReader.Read()

-------------------

I can communicate with the server with no problem from my local computer. I can ping the server, and I also tested it by creating a system DSN using the login and password in my application, and it finds the database with no problem. I've tried to connect using the SQL Server's server name and the IP address and both return the same result. I've also saw something in another post to set the trusted connection parameter to "yes" and that didn't work either.

I'm developing on a Windows XP Professional and I'm trying to connect to a Windows 2003 Server with SQL Server 2000 installed on the machine.

I did add the database by restoring a backup from my local server onto the live server. I don't think that should matter, but maybe it does. If anyone has any ideas, I would greatly appreciate it.

Try adding this to the end of your connection string and see if it makes a difference:

;Network Library =dbmssocn

This will force a TCP/IP connection instead of a named pipes connection.

(fromBUG: Named pipes do not work when worker process runs under ASPNET account)|||Thanks for the suggestion. Unfortunately that didn't work. Could there be some server firewall setting that is preventing the web user account from accessing the server?|||I would also try adding a port number to the end of the IP address:

Dim SQLServerAsString = "xxx.xx.xx.xxx,1433"

And I would remove Trusted_Connection=No completely. Seehttp://www.connectionstrings.comfor connection string examples. If none of that works, perhapsthe user ID and password are incorrect? Sorry, just grasping atstraws. My last recommendation is to review this KB article:Potential causes of the "SQL Server does not exists or access denied" error message. As you'll see, there are a lot of things to check.|||Thanks for your help. It looks like the problem stemmed from a security hole in Windows 2003 Server, which was shutting down the TCP ports. We applied SP4 and it seems to be working for now. Hopefully that's all it was.

DR: Replication vs. log shipping vs. clustering vs. database mirroring........

Up to now we have gotten by without having any local DR copies of servers (if a sql server goes down we are usually able to get it back in less than 3 hours). But I want more now. I want to trim the "down" window to no more than 5 or 10 minutes. (Immedate failover would be nice but is not an essential requirement. The essential requirement is to loose no data!)

I have a spec of knowledge in these areas:

SQL 2005 Clustering (requires approved hardware, quorum disk, etc. involved)

SQL 2005 Replicaiton

SQL 2005 Log Shipping.

SQL 2005 Database mirroring. ( needs three servers)

Which approach do you think is the most straightforward, sparing of hardware, yet reliable way to get us back up and running after a sql server failure.

TIA,

barkingdog

All of the above, none of the above, some combination of the above. It isn't a yes or no answer and it isn't a one size fits all. Each option has pros and cons. I teach a 5 day hands on class on High Availability and at the end of about 46 hours of instruction, we cover about 1/4 of the topic. It gives you a basic foundation for understanding the pros and cons of each technology as well as how it fits into an environment. The hard part is the implementation. There are 800+ page books on the SQL Server HA stuff from SQL Server 2000. I'm working on one for SQL Server 2005 that is probably going to weigh in at a two volume set of almost 1700 combined pages. (About 800 pages of it are already done and I still have at least 3 technologies and 17 subjects to cover.) It depends upon your environment, business requirements, any needs for the application etc. If you can be a little more specific than "I want better availability", it might be possible to more closely target something.|||

We want to consolidate several sql 2000 development servers into a single sql 2005 server. BUT if the sql 2005 server goes down, until we can fix it, the developers are going to have a lot of free time on their hands! The goal here is to minimize the amount of down time (say less than 20 minutes) so our developers can get back on the road ASAP. Of course, if the problem is hardware-related we could be down for a lot longer than 20 minutes, implying another server (maybe even a virtual server?) should be part of the environment.

Barkingdog

|||Based on the fact that it is a development environment, I would simply drop in log shipping and be done. It would require developers to reconnect to a different SQL Server instance that might be missing a small amount of data, but that is unimportant in a dev environment. It gives you basic redundancy without going overboard. And you also have to keep in mind that everything in a dev environment should be able to be recreated by a developer, so you are simply looking fdor redundancy to reduce the amount of stuff that needs to be recreated in the event of a failure.|||

I am reading about log shipping. It seems to be very focused on "one database at a time" type operations. One way is to use SSMS, right-click the database of interest, go to Properties, indicate it is the primary database.... and do this for each database on the server.

I want to apply log shipping to ALL the databases at once, not one step at a time. Is there any accomodaiton to do this?

TIA,

Barkingdog

|||

I have just finished my first pass reading about Log Shipping. In point of fact, while the concept is simple, the implementation has lots of details, is error prone, and requires changes to the way things normally work around here.

My greatest concern with all such approaches is that we will set it up, it will run fine on auto pilot, we will forget about the details, and then the emergency hits. Since we are no longer "sharp" it is very possible that we could forget to do something or do the wrong something, undermining the purpose of LS. (I know ... have good documentation....) I have the same issue with other "Disaster Recovery" type products. too.

Barkingdog

|||

Since you mentioned Database Mirroring, my assumption is SQL Server 2005 for all of this. You don't have to click through SSMS. You can script the log shipping implementation. It will require that you connect to two different instances and execute the portions of the script in order, but you don't have to click through a GUI.

As for the other side, no one is going to be able to help with that issue. High Availability isn't technology in a box. It requires people, processes, and technology to work together to achieve your availability goals. Deploying technology without well tested and documented procedures for accomplishing a failover and possibly a failback is just a waste of time. The technology is only as good as the processes that are in place to ensure the technologies can meet your business needs. The processes are only as good as the documentation that you have in place. The processes are only as good as the people implementing and performing the processes. You can't have one without the other.

Implementing a high availability solution is 5% about technology. The other 95% is all about processes and failover procedures.

|||

Excellent answers thanks.

Your advise about failover procedures is sage-like. I do find that mirroring is more to my "liking". And why it may not be needed on a developer box it would be good practice ground for our sql 2005 production servers (which also need falover).

Barkingdog

sql

downloading database to local mdf file, sql dumb on SMSE

Hi,

I'm trying to work on a database when I'm not connected. I can't figure out how to get a local copy of a database.mdf that I created on the server, onto my hard drive, using SQL Management Studio Express. Does anyone have any suggestions? I'd be forever in your debt. Thanks

Hi,

You can backup/restore database or your detach/attach database.

Use sp_detach_db procedure and sp_attach_db procedure to achieve this.

For more information, check

http://msdn2.microsoft.com/en-us/library/ms188031.aspx
http://msdn2.microsoft.com/en-us/library/aa259611(SQL.80).aspx

HTH. If this does not answer your question, please feel free to mark the post as Not Answered and reply. Thank you!

Download database to local and use

I have SQL database hosted by my ISP. Every now and again we log on and create new tables using user XXX1. After getting a backup of the database, I have restored it on my local machine. When running the application on local, I get an error because there is a new user in database called XXX1.

I would like to change the user from XXX1 to dbo on my local machine for all tables, stored procedures and views. How do I do this easily?

Thanks in advance!

Dave

Hi,

http://groups.google.de/group/microsoft.public.sqlserver.programming/browse_frm/thread/f1625d70fb765701

HTH, Jens Suessmeyer.

http://www.sqlserver2005.de

Download Data from one SQL server to a local server

Hi I am trying to download data from one sql server to a local table. What are my options?

Thanks.What do you mean by local table? A table on your local Sql Server? If so the easiest thing to do is right click on the source table in Enterprise Manager and select "All Tasks->Export Data" and follow the wizard to copy the table to your local server.sql

don't want (local)

Hi,
Is there a way to have my SQL Server installation show up at the machine
name and not (local)?
Thanks for any help,
-Keith
Delete the local registration. Re-register with the proper machine name.
Geoff N. Hiten
Microsoft SQL Server MVP
Senior Database Administrator
Careerbuilder.com
I support the Professional Association for SQL Server
www.sqlpass.org
"Keith Harris" <KeithHarris@.discussions.microsoft.com> wrote in message
news:5AFCE442-3A77-4151-985A-0CF5D77557F0@.microsoft.com...
> Hi,
> Is there a way to have my SQL Server installation show up at the machine
> name and not (local)?
> Thanks for any help,
> -Keith

don't want (local)

Hi,
Is there a way to have my SQL Server installation show up at the machine
name and not (local)?
Thanks for any help,
-KeithDelete the local registration. Re-register with the proper machine name.
--
Geoff N. Hiten
Microsoft SQL Server MVP
Senior Database Administrator
Careerbuilder.com
I support the Professional Association for SQL Server
www.sqlpass.org
"Keith Harris" <KeithHarris@.discussions.microsoft.com> wrote in message
news:5AFCE442-3A77-4151-985A-0CF5D77557F0@.microsoft.com...
> Hi,
> Is there a way to have my SQL Server installation show up at the machine
> name and not (local)?
> Thanks for any help,
> -Keith

don't want (local)

Hi,
Is there a way to have my SQL Server installation show up at the machine
name and not (local)?
Thanks for any help,
-KeithDelete the local registration. Re-register with the proper machine name.
--
Geoff N. Hiten
Microsoft SQL Server MVP
Senior Database Administrator
Careerbuilder.com
I support the Professional Association for SQL Server
www.sqlpass.org
"Keith Harris" <KeithHarris@.discussions.microsoft.com> wrote in message
news:5AFCE442-3A77-4151-985A-0CF5D77557F0@.microsoft.com...
> Hi,
> Is there a way to have my SQL Server installation show up at the machine
> name and not (local)?
> Thanks for any help,
> -Keith

Domino VBA

Hi,
I am trying to read data from a domino databases (located in our LAN
not on my local machine!) from my access project. I pass a code to the
function checkCodeInDomino to be verified on Domino. On my local
machine everything went fine, but suddenly there came up following
problem:

I was coding and testing with the code below, and I have never been
asked for my lotus password, now when starting my function, there comes
a box up (dont know why this changed?) where I have to enter my lotus
password, when entering my notes password, my function works fine.
But I have to distribute my application to other clients and users, and
it doesnt make sense to use my password.
So I received a public account from our domino admin, for all of us.
When using "DomSession.Initialize (publicLotusPassword)" there are no
errors.
But the problem is, that that's not a real solution for my
appliacation, because each user has to enter his own password, I dont
want that,
but entering a hard coded password doesnt work, because the password
that is asked is referring to
"c:\lotus\notes\data\wk\$userName.ID"

Is there any way to use "DomSession.Initialize" in some kind of a
"generic" way, so that any other user can use the function
"checkCodeInDomino"?
Please remember that the domino database is always on a remote machine
and
"'DomSession.InitializeUsingNotesUserName($Admin, $Pass)"
does not work!

Here is my code...

Function checkCodeInDomino(checkCode As Long)
On Error GoTo Err_Quit_Click

Dim DomDir As NotesDatabase
Dim DomContacts As NotesView
Dim DomDoc As NotesDocument
Dim StrName As String

Dim DomSession As NotesSession
Dim serverName As String
Dim databaseFile As String

Set DomSession = CreateObject("Lotus.NotesSession")
serverName = "myServerName"
databaseFile = "myFile"

DomSession.Initialize

Set DomDir = DomSession.GetDatabase(serverName, databaseFile)
Set DomContacts = DomDir.GetView("myView")
Set DomDoc = DomContacts.GetFirstDocument

While Not (DomDoc Is Nothing)

If DomDoc.GetItemValue("Dealer_Code")(0) = checkCode Then
checkCodeInDomino = True
Exit Function
End If
Set DomDoc = DomContacts.GetNextDocument(DomDoc)
Wend

checkCodeInDomino = False

Exit_Quit_Click:
Exit Function

Err_Quit_Click:
MsgBox Err.Description
Resume Exit_Quit_Click

End Function

Thank you for your attention!

Peter NeumaierI think you'll have more luck asking in a newsgroup related to Notes or
Domino, as opposed to a database group.

Have you tried looking for documentation at http://www.lotus.com?

--
Doug Steele, Microsoft Access MVP
http://I.Am/DougSteele
(no e-mails, please!)

"Peter Neumaier" <Peter.Neumaier@.gmail.com> wrote in message
news:1112392663.538812.206890@.g14g2000cwa.googlegr oups.com...
> Hi,
> I am trying to read data from a domino databases (located in our LAN
> not on my local machine!) from my access project. I pass a code to the
> function checkCodeInDomino to be verified on Domino. On my local
> machine everything went fine, but suddenly there came up following
> problem:
> I was coding and testing with the code below, and I have never been
> asked for my lotus password, now when starting my function, there comes
> a box up (dont know why this changed?) where I have to enter my lotus
> password, when entering my notes password, my function works fine.
> But I have to distribute my application to other clients and users, and
> it doesnt make sense to use my password.
> So I received a public account from our domino admin, for all of us.
> When using "DomSession.Initialize (publicLotusPassword)" there are no
> errors.
> But the problem is, that that's not a real solution for my
> appliacation, because each user has to enter his own password, I dont
> want that,
> but entering a hard coded password doesnt work, because the password
> that is asked is referring to
> "c:\lotus\notes\data\wk\$userName.ID"
> Is there any way to use "DomSession.Initialize" in some kind of a
> "generic" way, so that any other user can use the function
> "checkCodeInDomino"?
> Please remember that the domino database is always on a remote machine
> and
> "'DomSession.InitializeUsingNotesUserName($Admin, $Pass)"
> does not work!
> Here is my code...
> Function checkCodeInDomino(checkCode As Long)
> On Error GoTo Err_Quit_Click
> Dim DomDir As NotesDatabase
> Dim DomContacts As NotesView
> Dim DomDoc As NotesDocument
> Dim StrName As String
> Dim DomSession As NotesSession
> Dim serverName As String
> Dim databaseFile As String
> Set DomSession = CreateObject("Lotus.NotesSession")
> serverName = "myServerName"
> databaseFile = "myFile"
> DomSession.Initialize
> Set DomDir = DomSession.GetDatabase(serverName, databaseFile)
> Set DomContacts = DomDir.GetView("myView")
> Set DomDoc = DomContacts.GetFirstDocument
> While Not (DomDoc Is Nothing)
> If DomDoc.GetItemValue("Dealer_Code")(0) = checkCode Then
> checkCodeInDomino = True
> Exit Function
> End If
> Set DomDoc = DomContacts.GetNextDocument(DomDoc)
> Wend
> checkCodeInDomino = False
> Exit_Quit_Click:
> Exit Function
> Err_Quit_Click:
> MsgBox Err.Description
> Resume Exit_Quit_Click
> End Function
> Thank you for your attention!
> Peter Neumaier|||Hi Douglas,

thank you for your answer, but I think that my problem is more VBA and
ACCES than it is to domino databases.

So the only problem I have to solve is, how to use a default password
when accessing the domino database ...

For sure I found documentation on lotus.com, but there isnt anything
regarding my problem

"Douglas J. Steele" <NOSPAM_djsteele@.NOSPAM_canada.com> wrote in message news:<0cCdnUdLW-09ddDfRVn-vA@.rogers.com>...
> I think you'll have more luck asking in a newsgroup related to Notes or
> Domino, as opposed to a database group.
> Have you tried looking for documentation at http://www.lotus.com?
> --
> Doug Steele, Microsoft Access MVP
> http://I.Am/DougSteele
> (no e-mails, please!)
>
> "Peter Neumaier" <Peter.Neumaier@.gmail.com> wrote in message
> news:1112392663.538812.206890@.g14g2000cwa.googlegr oups.com...
> > Hi,
> > I am trying to read data from a domino databases (located in our LAN
> > not on my local machine!) from my access project. I pass a code to the
> > function checkCodeInDomino to be verified on Domino. On my local
> > machine everything went fine, but suddenly there came up following
> > problem:
> > I was coding and testing with the code below, and I have never been
> > asked for my lotus password, now when starting my function, there comes
> > a box up (dont know why this changed?) where I have to enter my lotus
> > password, when entering my notes password, my function works fine.
> > But I have to distribute my application to other clients and users, and
> > it doesnt make sense to use my password.
> > So I received a public account from our domino admin, for all of us.
> > When using "DomSession.Initialize (publicLotusPassword)" there are no
> > errors.
> > But the problem is, that that's not a real solution for my
> > appliacation, because each user has to enter his own password, I dont
> > want that,
> > but entering a hard coded password doesnt work, because the password
> > that is asked is referring to
> > "c:\lotus\notes\data\wk\$userName.ID"
> > Is there any way to use "DomSession.Initialize" in some kind of a
> > "generic" way, so that any other user can use the function
> > "checkCodeInDomino"?
> > Please remember that the domino database is always on a remote machine
> > and
> > "'DomSession.InitializeUsingNotesUserName($Admin, $Pass)"
> > does not work!
> > Here is my code...
> > Function checkCodeInDomino(checkCode As Long)
> > On Error GoTo Err_Quit_Click
> > Dim DomDir As NotesDatabase
> > Dim DomContacts As NotesView
> > Dim DomDoc As NotesDocument
> > Dim StrName As String
> > Dim DomSession As NotesSession
> > Dim serverName As String
> > Dim databaseFile As String
> > Set DomSession = CreateObject("Lotus.NotesSession")
> > serverName = "myServerName"
> > databaseFile = "myFile"
> > DomSession.Initialize
> > Set DomDir = DomSession.GetDatabase(serverName, databaseFile)
> > Set DomContacts = DomDir.GetView("myView")
> > Set DomDoc = DomContacts.GetFirstDocument
> > While Not (DomDoc Is Nothing)
> > If DomDoc.GetItemValue("Dealer_Code")(0) = checkCode Then
> > checkCodeInDomino = True
> > Exit Function
> > End If
> > Set DomDoc = DomContacts.GetNextDocument(DomDoc)
> > Wend
> > checkCodeInDomino = False
> > Exit_Quit_Click:
> > Exit Function
> > Err_Quit_Click:
> > MsgBox Err.Description
> > Resume Exit_Quit_Click
> > End Function
> > Thank you for your attention!
> > Peter Neumaier|||While I recognize that you're experiencing the problem using automation from
VBA, you're still issuing commands to directly to Domino. I would think that
people more familiar with the Domino programming model would be better able
to help than people familiar with VBA.

YMMV, though.

--
Doug Steele, Microsoft Access MVP
http://I.Am/DougSteele
(no e-mails, please!)

"Peter Neumaier" <Peter.Neumaier@.gmail.com> wrote in message
news:98284637.0504020824.4b7a20c9@.posting.google.c om...
> Hi Douglas,
> thank you for your answer, but I think that my problem is more VBA and
> ACCES than it is to domino databases.
> So the only problem I have to solve is, how to use a default password
> when accessing the domino database ...
> For sure I found documentation on lotus.com, but there isnt anything
> regarding my problem
>
> "Douglas J. Steele" <NOSPAM_djsteele@.NOSPAM_canada.com> wrote in message
> news:<0cCdnUdLW-09ddDfRVn-vA@.rogers.com>...
>> I think you'll have more luck asking in a newsgroup related to Notes or
>> Domino, as opposed to a database group.
>>
>> Have you tried looking for documentation at http://www.lotus.com?
>>
>> --
>> Doug Steele, Microsoft Access MVP
>> http://I.Am/DougSteele
>> (no e-mails, please!)
>>
>>
>>
>> "Peter Neumaier" <Peter.Neumaier@.gmail.com> wrote in message
>> news:1112392663.538812.206890@.g14g2000cwa.googlegr oups.com...
>> > Hi,
>> > I am trying to read data from a domino databases (located in our LAN
>> > not on my local machine!) from my access project. I pass a code to the
>> > function checkCodeInDomino to be verified on Domino. On my local
>> > machine everything went fine, but suddenly there came up following
>> > problem:
>>> > I was coding and testing with the code below, and I have never been
>> > asked for my lotus password, now when starting my function, there comes
>> > a box up (dont know why this changed?) where I have to enter my lotus
>> > password, when entering my notes password, my function works fine.
>> > But I have to distribute my application to other clients and users, and
>> > it doesnt make sense to use my password.
>> > So I received a public account from our domino admin, for all of us.
>> > When using "DomSession.Initialize (publicLotusPassword)" there are no
>> > errors.
>> > But the problem is, that that's not a real solution for my
>> > appliacation, because each user has to enter his own password, I dont
>> > want that,
>> > but entering a hard coded password doesnt work, because the password
>> > that is asked is referring to
>> > "c:\lotus\notes\data\wk\$userName.ID"
>>> > Is there any way to use "DomSession.Initialize" in some kind of a
>> > "generic" way, so that any other user can use the function
>> > "checkCodeInDomino"?
>> > Please remember that the domino database is always on a remote machine
>> > and
>> > "'DomSession.InitializeUsingNotesUserName($Admin, $Pass)"
>> > does not work!
>>> > Here is my code...
>>> > Function checkCodeInDomino(checkCode As Long)
>> > On Error GoTo Err_Quit_Click
>>> > Dim DomDir As NotesDatabase
>> > Dim DomContacts As NotesView
>> > Dim DomDoc As NotesDocument
>> > Dim StrName As String
>>> > Dim DomSession As NotesSession
>> > Dim serverName As String
>> > Dim databaseFile As String
>>> > Set DomSession = CreateObject("Lotus.NotesSession")
>> > serverName = "myServerName"
>> > databaseFile = "myFile"
>>> > DomSession.Initialize
>>> > Set DomDir = DomSession.GetDatabase(serverName, databaseFile)
>> > Set DomContacts = DomDir.GetView("myView")
>> > Set DomDoc = DomContacts.GetFirstDocument
>>> > While Not (DomDoc Is Nothing)
>>> > If DomDoc.GetItemValue("Dealer_Code")(0) = checkCode Then
>> > checkCodeInDomino = True
>> > Exit Function
>> > End If
>> > Set DomDoc = DomContacts.GetNextDocument(DomDoc)
>> > Wend
>>> > checkCodeInDomino = False
>>> > Exit_Quit_Click:
>> > Exit Function
>>> > Err_Quit_Click:
>> > MsgBox Err.Description
>> > Resume Exit_Quit_Click
>>> > End Function
>>> > Thank you for your attention!
>>> > Peter Neumaier
>

Domain vs Local

What are gotchas for starting Sql & the agent with a Local system account
versus a system Domain account.Hi

IMO the main reason to use a domain account is permissions (lack of, or too
high) and the ability to assign them to the account.

John
"AHartman" <Hoosbruin@.Kconline.com> wrote in message
news:d6adndqf25WCUj3cRVn-oQ@.kconline.com...
>
> What are gotchas for starting Sql & the agent with a Local system account
> versus a system Domain account.|||AHartman (Hoosbruin@.Kconline.com) writes:
> What are gotchas for starting Sql & the agent with a Local system account
> versus a system Domain account.

One gotcha that people run from time to time, is that they want to access
network shares from SQL Server, for instance for BULK INSERT. This does not
work with Local System. Another gotcha is that SQL debugging from another
machine usually does not work if you are running under local system.

--
Erland Sommarskog, SQL Server MVP, esquel@.sommarskog.se

Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techin.../2000/books.asp|||In article <Xns95A8D9056DF1CYazorman@.127.0.0.1>, esquel@.sommarskog.se
says...
> AHartman (Hoosbruin@.Kconline.com) writes:
> > What are gotchas for starting Sql & the agent with a Local system account
> > versus a system Domain account.
> One gotcha that people run from time to time, is that they want to access
> network shares from SQL Server, for instance for BULK INSERT. This does not
> work with Local System. Another gotcha is that SQL debugging from another
> machine usually does not work if you are running under local system.

Actually, of you understand NET USE, then you don't have to have the SQL
Server in the domain. If you provide the credentials it works just fine.

In most cases, where there is some form of web interface, even for a
intranet, I always setup the servers without providing Domain User
account access to it. The one exception being an application that uses
Windows Authentication Accounts, instead of a programatic method, to
access data.

--
--
spamfree999@.rrohio.com
(Remove 999 to reply to me)

domain user or local system account ?

Hello,
My server is part of a W2K domain. What do you advice me as account to
run my SQL*Server, service started with a domain user account or as
local system ?

I need advices from a security point of view.

Thank's in advanceDepends on your requirements...

First, I would personally never recommend running SQL in a production
environment as Local System.

If the SQL proccess will ever need to connect to file shares on other
machines (like to backup data to remote location etc...) then you can either
use a domain account, or use local accounts with matching usernames and
passwords on the SQL server and any machine it may connect to.

If your SQL proccess will never connect to File shares, or similar resources
on the network, then you should run it with a Local User account on the box.

But of course, this is just my opinion.

GL

"Kona" <kona_iron@.yahoo.fr> wrote in message
news:a1de658a.0404191607.75ec6a49@.posting.google.c om...
> Hello,
> My server is part of a W2K domain. What do you advice me as account to
> run my SQL*Server, service started with a domain user account or as
> local system ?
> I need advices from a security point of view.
> Thank's in advance|||Thank you for your opinion.

And I also agree to not use Local System, all the more since this
account as network access into the same W2K domain (that was not the
case under NT).

"GL" <GL@.noSpam.ReplyToNewsgroup.com> wrote in message news:<108ddd45gbs8k69@.news.supernews.com>...
> Depends on your requirements...
> First, I would personally never recommend running SQL in a production
> environment as Local System.
> If the SQL proccess will ever need to connect to file shares on other
> machines (like to backup data to remote location etc...) then you can either
> use a domain account, or use local accounts with matching usernames and
> passwords on the SQL server and any machine it may connect to.
> If your SQL proccess will never connect to File shares, or similar resources
> on the network, then you should run it with a Local User account on the box.
> But of course, this is just my opinion.
> GL
> "Kona" <kona_iron@.yahoo.fr> wrote in message
> news:a1de658a.0404191607.75ec6a49@.posting.google.c om...
> > Hello,
> > My server is part of a W2K domain. What do you advice me as account to
> > run my SQL*Server, service started with a domain user account or as
> > local system ?
> > I need advices from a security point of view.
> > Thank's in advance|||Depends on your requirements...

First, I would personally never recommend running SQL in a production
environment as Local System.

If the SQL proccess will ever need to connect to file shares on other
machines (like to backup data to remote location etc...) then you can either
use a domain account, or use local accounts with matching usernames and
passwords on the SQL server and any machine it may connect to.

If your SQL proccess will never connect to File shares, or similar resources
on the network, then you should run it with a Local User account on the box.

But of course, this is just my opinion.

GL

"Kona" <kona_iron@.yahoo.fr> wrote in message
news:a1de658a.0404191607.75ec6a49@.posting.google.c om...
> Hello,
> My server is part of a W2K domain. What do you advice me as account to
> run my SQL*Server, service started with a domain user account or as
> local system ?
> I need advices from a security point of view.
> Thank's in advance|||Thank you for your opinion.

And I also agree to not use Local System, all the more since this
account as network access into the same W2K domain (that was not the
case under NT).

"GL" <GL@.noSpam.ReplyToNewsgroup.com> wrote in message news:<108ddd45gbs8k69@.news.supernews.com>...
> Depends on your requirements...
> First, I would personally never recommend running SQL in a production
> environment as Local System.
> If the SQL proccess will ever need to connect to file shares on other
> machines (like to backup data to remote location etc...) then you can either
> use a domain account, or use local accounts with matching usernames and
> passwords on the SQL server and any machine it may connect to.
> If your SQL proccess will never connect to File shares, or similar resources
> on the network, then you should run it with a Local User account on the box.
> But of course, this is just my opinion.
> GL
> "Kona" <kona_iron@.yahoo.fr> wrote in message
> news:a1de658a.0404191607.75ec6a49@.posting.google.c om...
> > Hello,
> > My server is part of a W2K domain. What do you advice me as account to
> > run my SQL*Server, service started with a domain user account or as
> > local system ?
> > I need advices from a security point of view.
> > Thank's in advance

Domain not visible

I just upgraded my 2000 installation to Sql Server 2005 Developer. When I try to create a new login I can only use local accounts. Search and the Locations only displays the computer name and not the domain. Any help would be greatly appreciated,

Robert van Poelgeest

Hi Robert - I assume you are using SSMS but correct me if I'm wrong.

Are you running SSMS (client) on the same machine as the Server?

Are you logged into client machine with a domain account from domain you want to add?

Can you add the desired domain account using the CREATE LOGIN command?

|||

Hi Bruce,

Yes I am using SSMS on the server itself and yes I am logged in using a domain account. I haven't tried using a CREATE LOGIN account but I will.

update: This whole problem was caused by a dns configuration problem and was not caused by anything in Sqlserver

domain local group in SQL 2000

Does anybody know if you can add the domain local group in
the SQL 2000 login? Please note "domain local group" not
the local group.
Jennifer"Jennifer @. Oxnard" <anonymous@.discussions.microsoft.com> wrote in message
news:024a01c3aade$8dd69da0$a301280a@.phx.gbl...
> Does anybody know if you can add the domain local group in
> the SQL 2000 login? Please note "domain local group" not
> the local group.
I just answered that in *.security
Steve

domain accounts & SQL logons ...

we added a user's PC to the local domain which also has SQL Server 2K sp3
running on it. prior to adding the user's PC to the domain the user would
logon to his local machine which had the same username & password combo for
the domain. his sqlserver account name was domainname/username which worked
okay. now that his PC has been added to the domain, however, he can access
all resources on the domain except for the SQL server to which he is an
admin. he receives the "Cannot generate SSPI context" error message. as
soon as his PC is removed from the domain he can connect fine. tia for any
help on this one ...Had a similar issue once, I think I managed to "fix" it by going into the
client network utilty and forcing the protocol being used to TCP/IP for that
server, or was it to Named Pipes ? Can't rememer, but worth a try =)
Good luck,
Roby
"E-Double" <EDouble@.discussions.microsoft.com> wrote in message
news:8E5D9C1F-D630-4202-98FA-AB614E4ECCDF@.microsoft.com...
> we added a user's PC to the local domain which also has SQL Server 2K sp3
> running on it. prior to adding the user's PC to the domain the user would
> logon to his local machine which had the same username & password combo
> for
> the domain. his sqlserver account name was domainname/username which
> worked
> okay. now that his PC has been added to the domain, however, he can
> access
> all resources on the domain except for the SQL server to which he is an
> admin. he receives the "Cannot generate SSPI context" error message. as
> soon as his PC is removed from the domain he can connect fine. tia for
> any
> help on this one ...

domain accounts & SQL logons ...

we added a user's PC to the local domain which also has SQL Server 2K sp3
running on it. prior to adding the user's PC to the domain the user would
logon to his local machine which had the same username & password combo for
the domain. his sqlserver account name was domainname/username which worked
okay. now that his PC has been added to the domain, however, he can access
all resources on the domain except for the SQL server to which he is an
admin. he receives the "Cannot generate SSPI context" error message. as
soon as his PC is removed from the domain he can connect fine. tia for any
help on this one ...
Had a similar issue once, I think I managed to "fix" it by going into the
client network utilty and forcing the protocol being used to TCP/IP for that
server, or was it to Named Pipes ? Can't rememer, but worth a try =)
Good luck,
Roby
"E-Double" <EDouble@.discussions.microsoft.com> wrote in message
news:8E5D9C1F-D630-4202-98FA-AB614E4ECCDF@.microsoft.com...
> we added a user's PC to the local domain which also has SQL Server 2K sp3
> running on it. prior to adding the user's PC to the domain the user would
> logon to his local machine which had the same username & password combo
> for
> the domain. his sqlserver account name was domainname/username which
> worked
> okay. now that his PC has been added to the domain, however, he can
> access
> all resources on the domain except for the SQL server to which he is an
> admin. he receives the "Cannot generate SSPI context" error message. as
> soon as his PC is removed from the domain he can connect fine. tia for
> any
> help on this one ...

domain accounts & SQL logons ...

we added a user's PC to the local domain which also has SQL Server 2K sp3
running on it. prior to adding the user's PC to the domain the user would
logon to his local machine which had the same username & password combo for
the domain. his sqlserver account name was domainname/username which worked
okay. now that his PC has been added to the domain, however, he can access
all resources on the domain except for the SQL server to which he is an
admin. he receives the "Cannot generate SSPI context" error message. as
soon as his PC is removed from the domain he can connect fine. tia for any
help on this one ...Had a similar issue once, I think I managed to "fix" it by going into the
client network utilty and forcing the protocol being used to TCP/IP for that
server, or was it to Named Pipes ? Can't rememer, but worth a try =)
Good luck,
Roby
"E-Double" <EDouble@.discussions.microsoft.com> wrote in message
news:8E5D9C1F-D630-4202-98FA-AB614E4ECCDF@.microsoft.com...
> we added a user's PC to the local domain which also has SQL Server 2K sp3
> running on it. prior to adding the user's PC to the domain the user would
> logon to his local machine which had the same username & password combo
> for
> the domain. his sqlserver account name was domainname/username which
> worked
> okay. now that his PC has been added to the domain, however, he can
> access
> all resources on the domain except for the SQL server to which he is an
> admin. he receives the "Cannot generate SSPI context" error message. as
> soon as his PC is removed from the domain he can connect fine. tia for
> any
> help on this one ...

domain account vs local account for SQLServerAgent

Hi there,

BOL notes that in order for replication agents to run properly, the
SQLServerAgent must run as a domain account which has privledges to log
into the other machines involved in replication (under "Security
Considerations" and elsewhere). This makes sense; however, I was
wondering if there were any repercussions to using duplicate local
accounts to establish replication where a domain was not available.
Anotherwords, create a local windows account "johndoe" on both machines
(with the same password), grant that account access to SQL Server on
both machines, and then have SQL Server Agent run as "johndoe" on both
machines. I do not feel this is an ideal solution but I have
circumstances under which I may not have a domain available; my
preliminary tests seem to work.

Also, are there any similar considerations regarding the MSSQLSERVER
service, or can I always leave that as local system?

Dave"Dave C." <metal@.rules.spam> wrote in message news:<Pine.LNX.4.44.0311061247410.17583-100000@.ccrma-gate.stanford.edu>...
> Hi there,
> BOL notes that in order for replication agents to run properly, the
> SQLServerAgent must run as a domain account which has privledges to log
> into the other machines involved in replication (under "Security
> Considerations" and elsewhere). This makes sense; however, I was
> wondering if there were any repercussions to using duplicate local
> accounts to establish replication where a domain was not available.
> Anotherwords, create a local windows account "johndoe" on both machines
> (with the same password), grant that account access to SQL Server on
> both machines, and then have SQL Server Agent run as "johndoe" on both
> machines. I do not feel this is an ideal solution but I have
> circumstances under which I may not have a domain available; my
> preliminary tests seem to work.
> Also, are there any similar considerations regarding the MSSQLSERVER
> service, or can I always leave that as local system?
> Dave

See "Setting up Windows Services Accounts" in BOL. There are a number
of things that can only be done with a domain account; in addition,
LocalSystem is a highly privileged account, so for both functionality
and security reasons, using a domain account is usually a good idea.

I'm not sure about using multiple local accounts if no domain is
available. I would guess that it would work, but password management
and synchronization could be awkward.

Simon

DOH! Uninstall of 2005 gone horribly wrong

I am an old hand at RDBMS but have been using SQL Server for only 1 year. I have a local install of 2005 Developer Edition, and also access a number of 2000 and 2005 instances on remote and network servers. OK, so on 3/16 (after installing the 3/15 Windows Security Updates), I began getting this error when invoking any 2005 DB under Object Explorer in Management Studio "SQLWB - SQL Server Management Studio has encountered a problem and needs to close. We are sorry for the inconvenience." Very helpful. So I ran a debug and got some unhandled exception errors:

'SqlWb.exe': Loaded 'C:\WINDOWS\system32\wbem\wbemsvc.dll', No symbols loaded.
'SqlWb.exe': Loaded 'C:\WINDOWS\system32\wbem\fastprox.dll', No symbols loaded.
'SqlWb.exe': Loaded 'C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll', No symbols loaded.
'SqlWb.exe': Loaded 'C:\WINDOWS\system32\apphelp.dll', No symbols loaded.
The thread 'Win32 Thread' (0x21c) has exited with code 0 (0x0).
The thread 'Win32 Thread' (0xa98) has exited with code 0 (0x0).
Unhandled exception at 0x79ea69f3 in SqlWb.exe: 0xC0000006: In page error.
First-chance exception at 0x79ea69f3 in SqlWb.exe: 0xC0000005: Access violation reading location 0x088b200c.
Unhandled exception at 0x79ea69f3 in SqlWb.exe: 0xC0000005: Access violation reading location 0x088b200c.
First-chance exception at 0x79ea69f3 in SqlWb.exe: 0xC0000005: Access violation reading location 0x088b200c.

After some poking around, my DBA told me that we had upgraded the servers for our team to SP1, and I should install that, because the file being read did not 'match up' with the commands. But when I did so I got the warning:

- Edition Change Check (Warning)

Messages

Edition Change Check

To change an existing instance of Microsoft SQL Server 2005 to a different edition of SQL Server 2005, you must run SQL Server 2005 Setup from the command prompt and include the SKUUPGRADE=1 parameter.

I researched this information, but it didn't really apply to my situation. So I selected 'CONTINUE' and everything went downhill from there. The install downloaded the SP1 setup support files (which by the way "cannot be removed") and then aborted. I poked around some more and decided it would be easiest to Uninstall and Reinstall the Dev Edition from the DVD and then apply the SP. The uninstall went fine until it got to the tools (which apparently were my real problem to start with). When I attempt to uninstall the tools, I get the following message:

"Error reading from file C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.SqlEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SqlEnum.dll

Verify that this file exists and that you can access it"

This message is presented with Retry and Cancel options. The file does NOT exist, so Retry is not useful and cancel rolls back the entire uninstall.

Error signature:

EventType : sql90setup P1 : installfinalize P2 : 0x643 P3 : unknown
P4 : 0x519 P5 : unknown P6 : unknown
P7 : sqlrun_tools.msi@.9.00.1399.06

In this part SP1/half uninstalled 2005 environment I am stuck like chuck. I have searched for this dll online and on other folders of my hard drive to no avail. I have also dug through these forums until my eyes are crossed.

Can anyone help?!?

One more search location turned up the answer here: http://support.microsoft.com/default.aspx/kb/909953

Turns out the tools are considered components. You can remove services and instances from the REMOVE dialog, but you have to CHANGE the client components (under workstation components) and de-select Management Tools.

I cannot believe how long it took me to find this; I finally found it today in the setup help information on the install DVD while preparing for the install. I'll leave this here for others who check the boards before the knowledge base.

THANKS to anyone who put thought into this today.

|||

Thanks for following up your own post. It prevents others from wasting their time trying to help you after you have solved the problem, and it helps others when you share your solution.

DOH! Forgot DST patch

Hey all,
It looks like we missed the DST patch on our new domain controllers.
It changed the local time and that propigated to two of my sql
clusters. My question is, what is the best way to rectify this? I
can't let it sit for the week. Should I just change the time and let
it propigate back? Any other ideas?
Thanks
ejHi
Why are you not syncronising on an external source? You should change this
back when the systems are not busy to avoid inconsistencies.
John
"erinrjones@.gmail.com" wrote:
> Hey all,
> It looks like we missed the DST patch on our new domain controllers.
> It changed the local time and that propigated to two of my sql
> clusters. My question is, what is the best way to rectify this? I
> can't let it sit for the week. Should I just change the time and let
> it propigate back? Any other ideas?
> Thanks
> ej
>