md0333
asked on
Create a Universal User for SQL2005 express
I have a VB6 app that connects to SQL2005 express through a network. Right now I have to take all of the users and add them to the SQLSERVER2005SQLUser, SQLSERVER2005SQLBrowserUse r on the Server. Then add them to the Logins on the DB and give them permissions on the SQLExpress/permissions. Every time I have a new person come on board I have to get their login ID and go through the process again. Corporate now wants me to install this program throughout the company.... thousands of users.
My question is... can I create a universal user and add that user and password to my connection string in the VB app? (similar to 'sa', 'password') Right now SQLExpress is using windows authentication. Would I then need to switch it to SQL Server Authentication?
My question is... can I create a universal user and add that user and password to my connection string in the VB app? (similar to 'sa', 'password') Right now SQLExpress is using windows authentication. Would I then need to switch it to SQL Server Authentication?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
OK... Changed SQLExpress to mixed mode... created a new User on the Server. I then went to my database/Security/Users and tried to add that user but it would not. How do I create a logon for the DB? I must be doing it incorrectly...
Need to make the user first under "Security -> Logins"
Here is an screenshot of where it is in SQL Management Studio
Screenshot.jpg
Screenshot.jpg
ASKER
OK... Got the user created. Added that user to my Database. User I created is SDS... DB name is SDS also. Changed my connection string to look like this:
'''''''''''''''''''''''''' '''''''''' '''''''''' '''''''''' '
Dim sDB As String
sDB = "SDS"
gsServerName = "ACJTS01\SQLEXPRESS"
' Specify the OLE DB provider.
cn.Provider = "sqloledb"
' Set SQLOLEDB connection properties.
cn.Properties("User ID").Value = "SDS"
cn.Properties("Password"). Value = "password"
cn.Properties("Initial Catalog").Value = sDB
' Windows NT authentication.
cn.Properties("Integrated Security").Value = "SSPI"
'''''''''''''''''''''''''' '''''''''' '''''''''' '''''''''' '''''''''' '''''''''' ''''''''
Now when I try to login I get this error.
Run-time error '-2147467259 (80004005)':
[DBNETLIB][ConnectionOpen( Connect()) .]SQL Server does not exist or access denied.
What am I missing?
''''''''''''''''''''''''''
Dim sDB As String
sDB = "SDS"
gsServerName = "ACJTS01\SQLEXPRESS"
' Specify the OLE DB provider.
cn.Provider = "sqloledb"
' Set SQLOLEDB connection properties.
cn.Properties("User ID").Value = "SDS"
cn.Properties("Password").
cn.Properties("Initial Catalog").Value = sDB
' Windows NT authentication.
cn.Properties("Integrated Security").Value = "SSPI"
''''''''''''''''''''''''''
Now when I try to login I get this error.
Run-time error '-2147467259 (80004005)':
[DBNETLIB][ConnectionOpen(
What am I missing?
If you establish a common login for all users, then you need to invent your own mechanism for distinguishing one from the other (think audit trail) and everyone will have the same permissions. Not always the best arrangement.
Often it's better to use Windows authentication as Angel suggests, and manage the database security at the group level. In it's simplest form, you can create a single Windows group and manage database permissions to that group. Then membership in that group entitles one to the associated permissions.
Slightly more work that a singular login, but well worth it when corporate comes along with their next request.
Often it's better to use Windows authentication as Angel suggests, and manage the database security at the group level. In it's simplest form, you can create a single Windows group and manage database permissions to that group. Then membership in that group entitles one to the associated permissions.
Slightly more work that a singular login, but well worth it when corporate comes along with their next request.
try commenting out this line:
cn.Properties("Integrated Security").Value = "SSPI"
cn.Properties("Integrated Security").Value = "SSPI"
The following is wrong when using SQL Authentication.
cn.Properties("Integrated Security").Value = "SSPI"
change to:
cn.Properties("Integrated Security").Value = False
cn.Properties("Integrated Security").Value = "SSPI"
change to:
cn.Properties("Integrated Security").Value = False
ASKER
microbolt - I tried it with and without that line of code.... same issue.
angel and dqmq - my problem is that "corporate" is different domains all over the US. I will not have access to these domains or servers other than installation time. They don't all necessarily have IT guys so I'm trying to simplify this as much as possible. If I'm understanding what you are saying correctly, they would still have to have someone add any new employees to this group you are suggesting I create. I'm trying to think of this implementation as.... load software, DB, create universal user account and be done. I can update the software with a new .exe file but won't have to worry about new employees as long as the software is on their computer. The data is not sensitive...
angel and dqmq - my problem is that "corporate" is different domains all over the US. I will not have access to these domains or servers other than installation time. They don't all necessarily have IT guys so I'm trying to simplify this as much as possible. If I'm understanding what you are saying correctly, they would still have to have someone add any new employees to this group you are suggesting I create. I'm trying to think of this implementation as.... load software, DB, create universal user account and be done. I can update the software with a new .exe file but won't have to worry about new employees as long as the software is on their computer. The data is not sensitive...
ASKER
ok... tried changing the code to
cn.Properties("Integrated Security").Value = False
got a different error:
Multiple-step OLE DB operation generated errors. Check each OLE DB status value, if available. No work was done.
???
cn.Properties("Integrated Security").Value = False
got a different error:
Multiple-step OLE DB operation generated errors. Check each OLE DB status value, if available. No work was done.
???
Try changing:
cn.Properties("User ID").Value = "SDS"
cn.Properties("Password"). Value = "password"
cn.Properties("Initial Catalog").Value = sDB
to
cn.Properties("uid").Value = "SDS"
cn.Properties("pwd").Value = "password"
cn.Properties("Database"). Value = sDB
cn.Properties("User ID").Value = "SDS"
cn.Properties("Password").
cn.Properties("Initial Catalog").Value = sDB
to
cn.Properties("uid").Value
cn.Properties("pwd").Value
cn.Properties("Database").
ASKER
micobolt - no joy
VB does not recognize those... "Cannot be found in the collection corresponding to the requested name or ordinal"
VB does not recognize those... "Cannot be found in the collection corresponding to the requested name or ordinal"
Never actually saw you put the data source in. Is it somewhere else in your code:
cn.Properties("Data Source").Value = gsServerName;
And your right the "user id" and "password" are the correct fields. You should be able to just comment out the "Integrated Security" and it work.
cn.Properties("Data Source").Value = gsServerName;
And your right the "user id" and "password" are the correct fields. You should be able to just comment out the "Integrated Security" and it work.
ASKER
looks like we are getting closer... I added the Data Source line of code (had it commented out... idiot) and now I'm getting another error when I try to load the program but it has to do with the PRODUCT table in my db.
The SELECT permission was denied on the object 'PRODUCT', database 'SDS', schema 'dbo'.
The SELECT permission was denied on the object 'PRODUCT', database 'SDS', schema 'dbo'.
Did you give your user proper permission in SQL management studio? If you want full access it needs db_owner privilege.
ASKER
I got it... I had to go into the DB and give the SDS user db_datareader and db_datawriter Schema and Role...
Now, program seems to work fine... any other things I should add to this user?
Now, program seems to work fine... any other things I should add to this user?
ASKER
OK... gave it db_owner. Thanks microbolt!!! Awarding points now!
then, create in your sql the login based on that group.
grant that group the permissions.
make all the existing users members of that group in AD.
make all new users members of that group in AD.
remove all existing users from the sql server security that only had that profile.