Hi,
Im not sure what group to ask this in, but this one seems the most
appropriate. I am responsible for "imaging" all of our developer machines
at my company. What this means is that we create a "master image", install
all appropriate software on it, configure it with correct options, and run
the sysprep tool which creates a "cloneable" disk image.
Then this disk image is basically blasted onto all the boot disks of the
company, and a mini-setup program is run, requiring a support person to type
the product key, etc.
I would like to create a few groups on this master image, do a CREATE LOGIN
FROM WINDOWS on them, give them appropriate permissions.
Will these logins and permissions survive the cloning operation? My biggest
concern would be how SQL refers to logins, but some kind of GUID, or by the
name itself. My guess is that if it is by name itself, then it should be
fine.
In case you are concerned about licensing, I am using SQLExpress :-)
Thanks for any insight,
JoeHi, Joe,
SQL Server recognize logins by the name. You can see the logins from the
system view sys.syslogins.
If you have any other questions or concerns, please feel free to let me
know.
Best regards,
Charles Wang
Microsoft Online Community Support
========================================
=============
Get notification to my posts through email? Please refer to:
http://msdn.microsoft.com/subscript...ault.aspx#notif
ications
If you are using Outlook Express, please make sure you clear the check box
"Tools/Options/Read: Get 300 headers at a time" to see your reply promptly.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscript...t/default.aspx.
========================================
==============
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from this issue.
========================================
==============
This posting is provided "AS IS" with no warranties, and confers no rights.
========================================
==============|||Hi Charles,
then why do a dba needs to fix the user when he/she restores the database to
a server where there is a same login exist with the same user name?
I thought even though they match it does not work because they have 2
different SID's.
Correct me if I am wrong, thanks...
Good day,
Bulent
"Charles Wang[MSFT]" wrote:
> Hi, Joe,
> SQL Server recognize logins by the name. You can see the logins from the
> system view sys.syslogins.
> If you have any other questions or concerns, please feel free to let me
> know.
> Best regards,
> Charles Wang
> Microsoft Online Community Support
> ========================================
=============
> Get notification to my posts through email? Please refer to:
> [url]http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif[/ur
l]
> ications
> If you are using Outlook Express, please make sure you clear the check box
> "Tools/Options/Read: Get 300 headers at a time" to see your reply promptly
.
>
> Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
> where an initial response from the community or a Microsoft Support
> Engineer within 1 business day is acceptable. Please note that each follow
> up response may take approximately 2 business days as the support
> professional working with you may need further investigation to reach the
> most efficient resolution. The offering is not appropriate for situations
> that require urgent, real-time or phone-based interactions or complex
> project analysis and dump analysis issues. Issues of this nature are best
> handled working with a dedicated Microsoft Support Engineer by contacting
> Microsoft Customer Support Services (CSS) at
> http://msdn.microsoft.com/subscript...t/default.aspx.
> ========================================
==============
> When responding to posts, please "Reply to Group" via
> your newsreader so that others may learn and benefit
> from this issue.
> ========================================
==============
> This posting is provided "AS IS" with no warranties, and confers no rights
.
> ========================================
==============
>
>|||Hi, Bulent,
A DBA does not need to fix the users if he only wants to restore a database
to a new server.
Your thinking is right. Logins are associated to users by the security
identifier (SID), and if the SID is inconsistent after you move a database,
SQL Server may deny the user access to the database. At this time, you may
need to run the stored procedure sp_change_users_login to map the user and
login. Also there is a tool Mapsids.exe which can help you map SIDs between
user and master database when database is moved.
Please refer to:
How to move databases between computers that are running SQL Server
http://support.microsoft.com/?id=314546
How to resolve permission issues when you move a database between servers
that are running SQL Server
http://support.microsoft.com/kb/240872/
Please feel free to let me know if you have any other questions or
concerns. Have a good day!
Best regards,
Charles Wang
Microsoft Online Community Support
========================================
=============
Get notification to my posts through email? Please refer to:
http://msdn.microsoft.com/subscript...ault.aspx#notif
ications
If you are using Outlook Express, please make sure you clear the check box
"Tools/Options/Read: Get 300 headers at a time" to see your reply promptly.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscript...t/default.aspx.
========================================
==============
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from this issue.
========================================
==============
This posting is provided "AS IS" with no warranties, and confers no rights.
========================================
==============|||Charles
This procedure has to be done only if you use SQL Server Authentication. If
you use Windows Authentication Only and have the same login exists on the
destination Server always should work properly on restored database.
"Charles Wang[MSFT]" <changliw@.online.microsoft.com> wrote in message
news:y70UDz%23fHHA.4368@.TK2MSFTNGHUB02.phx.gbl...
> Hi, Bulent,
> A DBA does not need to fix the users if he only wants to restore a
> database
> to a new server.
> Your thinking is right. Logins are associated to users by the security
> identifier (SID), and if the SID is inconsistent after you move a
> database,
> SQL Server may deny the user access to the database. At this time, you
> may
> need to run the stored procedure sp_change_users_login to map the user and
> login. Also there is a tool Mapsids.exe which can help you map SIDs
> between
> user and master database when database is moved.
> Please refer to:
> How to move databases between computers that are running SQL Server
> http://support.microsoft.com/?id=314546
> How to resolve permission issues when you move a database between servers
> that are running SQL Server
> http://support.microsoft.com/kb/240872/
> Please feel free to let me know if you have any other questions or
> concerns. Have a good day!
> Best regards,
> Charles Wang
> Microsoft Online Community Support
> ========================================
=============
> Get notification to my posts through email? Please refer to:
> [url]http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif[/ur
l]
> ications
> If you are using Outlook Express, please make sure you clear the check box
> "Tools/Options/Read: Get 300 headers at a time" to see your reply
> promptly.
>
> Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
> where an initial response from the community or a Microsoft Support
> Engineer within 1 business day is acceptable. Please note that each follow
> up response may take approximately 2 business days as the support
> professional working with you may need further investigation to reach the
> most efficient resolution. The offering is not appropriate for situations
> that require urgent, real-time or phone-based interactions or complex
> project analysis and dump analysis issues. Issues of this nature are best
> handled working with a dedicated Microsoft Support Engineer by contacting
> Microsoft Customer Support Services (CSS) at
> http://msdn.microsoft.com/subscript...t/default.aspx.
> ========================================
==============
> When responding to posts, please "Reply to Group" via
> your newsreader so that others may learn and benefit
> from this issue.
> ========================================
==============
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> ========================================
==============
>
>|||Hi Uri,
Thanks for your pointing out.
I have not found any official documents talking about this. Could you
please let me know why you have this idea?
What is the result if I manually add some domain accounts to a SQL Server
instance? If I run "select * from sys.syslogins", I can see the SIDs of the
new added domain accounts. Do you think that there are some differences
between a SQL account and a Windows account in this case?
Look forward to your response.
Best regards,
Charles Wang
Microsoft Online Community Support
========================================
=============
Get notification to my posts through email? Please refer to:
http://msdn.microsoft.com/subscript...ault.aspx#notif
ications
If you are using Outlook Express, please make sure you clear the check box
"Tools/Options/Read: Get 300 headers at a time" to see your reply promptly.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscript...t/default.aspx.
========================================
==============
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from this issue.
========================================
==============
This posting is provided "AS IS" with no warranties, and confers no rights.
========================================
==============|||Hi Charles
(SQL Server 2000 SP3)
We had recently some issues with moving databases from one server to
another. Lets assume SQL Server is running under SQL Server Autherntication.
The both servers have SQL Login 'Joy' and user database called also 'Joy' on
the source server . Now , we backup and restored database on the new server
so those SID does not match between SQL Login and User in the new restored
database , as a result you cannot connect to the DB.
It does not happen when you have Windows Authentication Only. The chain
does not break in new restored database and you can succefuly connect to the
DB.
I have not played with it on SQL Server 2005 so just my two cents :-))
"Charles Wang[MSFT]" <changliw@.online.microsoft.com> wrote in message
news:fiA9ISKgHHA.4692@.TK2MSFTNGHUB02.phx.gbl...
> Hi Uri,
> Thanks for your pointing out.
> I have not found any official documents talking about this. Could you
> please let me know why you have this idea?
> What is the result if I manually add some domain accounts to a SQL Server
> instance? If I run "select * from sys.syslogins", I can see the SIDs of
> the
> new added domain accounts. Do you think that there are some differences
> between a SQL account and a Windows account in this case?
> Look forward to your response.
> Best regards,
> Charles Wang
> Microsoft Online Community Support
> ========================================
=============
> Get notification to my posts through email? Please refer to:
> [url]http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif[/ur
l]
> ications
> If you are using Outlook Express, please make sure you clear the check box
> "Tools/Options/Read: Get 300 headers at a time" to see your reply
> promptly.
>
> Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
> where an initial response from the community or a Microsoft Support
> Engineer within 1 business day is acceptable. Please note that each follow
> up response may take approximately 2 business days as the support
> professional working with you may need further investigation to reach the
> most efficient resolution. The offering is not appropriate for situations
> that require urgent, real-time or phone-based interactions or complex
> project analysis and dump analysis issues. Issues of this nature are best
> handled working with a dedicated Microsoft Support Engineer by contacting
> Microsoft Customer Support Services (CSS) at
> http://msdn.microsoft.com/subscript...t/default.aspx.
> ========================================
==============
> When responding to posts, please "Reply to Group" via
> your newsreader so that others may learn and benefit
> from this issue.
> ========================================
==============
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> ========================================
==============
>
>
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment