Solved

SQL Windows authentication for same name accounts

Posted on 2011-09-06
9
368 Views
Last Modified: 2012-08-13
I have a program written in VB.NET that accesses data in a SQL 2000 database.  It uses an ODBC System DSN data source to connect, configured on Windows authentication.  For each user that needs access, I have added domain\user to the Logins in SQL Enterprise Manager and given the user public access to the relevant database.  Everything works as intended.

Where there is an issue is that some users have a SQL login that matches their domain login for the same database.  When I attempt to grant access to the database, it indicates the user already exists.  For example, domain\jsmith has a SQL account jsmith.  I can create domain\jsmith in EM, but I cannot grant them database access as it says user jsmith already exists.

In attempt to remedy the issue, I changed the ODBC System DSN to SQL authentication, specifying a valid SQL login and password.  When I attempt to run the program it gives: "ERROR  [28000] [Microsoft ODBC SQL Server Driver] [SQL Server] Login failed for user '(null)'.  Reason: Not associated with a trusted SQL Server connection."  (For testing, I tried the 'sa' account, and even this doesn't work.)

-Scott
0
Comment
Question by:CC85
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
9 Comments
 
LVL 29

Expert Comment

by:sammySeltzer
ID: 36493252
NO, I would change your odbc back to windows authentication.

Then try giving the user READ access by going to your db and right-click on it.

Select Properties

click on Permissions

Select the name you wish to give permission to and check the appropriate box, in your case SELECT box and I think that should take care of it.

0
 
LVL 1

Author Comment

by:CC85
ID: 36493293
In the database properties permissions tab under user/role, the only users I see are those that already have access to this particular database.  

I'm able to create a login for domain\jsmith but when I go to the Database Access tab of the Login Properties box I cannot give them database access.  It gives: Error 21002: [SQL-DMO]User 'jsmith' already exists.  (I am unable to delete the SQL login for "jsmith" because another software program requires SQL logins for all users.)
0
 
LVL 29

Expert Comment

by:sammySeltzer
ID: 36493323
You give them permissions through the database as I described.

If you don't see them, then add them by clicking the Add or Search button.

Then click Browse.

There, you see a bunch of users, including the ones you are looking for.

Select it, then look for the appropriate permission as I described like SELEcT
0
Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

 
LVL 8

Accepted Solution

by:
coolfiger earned 500 total points
ID: 36493334
open sql management studio

go to the database iteself expand it
go to security i believe and logins. delete the user thats saying it allready exists and then try re adding .

I would also liek to suggest usign a security group instead of a single user by user ... its a lot easier .. so in active directory u jsut add a user to the group and presto ... access to the odbc..

Please note above you may have to delete the login from under the database logins and under general sql security logins ....

0
 
LVL 8

Expert Comment

by:coolfiger
ID: 36493336
the error you're geting is because the user allready exists on the databse login table ... let me know if my solution works ..
0
 
LVL 1

Author Comment

by:CC85
ID: 36493341
I'm not seeing what you're describing.  In Enterprise Manager, Console Root>MSSQL Servers>SQL Server Group>Server>Databases>MyDatabase.  Right click, Properties, MyDatabase Properties window appears.  Click Permissions.  I see a list of domain\users and SQL logins that already have access.  There is no add or search button.  (There also isn't a SELECT permission, only listed are create, such as Create Table, Create View, Create SP, and Backup.)  I'm using SQL 2000 Standard.
0
 
LVL 1

Author Comment

by:CC85
ID: 36493360
coolfiger - Correct, the user exists as a SQL account using SQL authentication and as domain\user using Windows authentication (two accounts "jsmith" (SQL) and "domain\jsmith" (Windows)).  "Jsmith" with SQL authenticiation is required for another software program, so deleting "jsmith" and leaving only "domain\jsmith" is not an option.
0
 
LVL 1

Author Closing Comment

by:CC85
ID: 36493390
Created a new security group in Active Directory and added the users.  Added domain\ODBC group to SQL logins, granted database access.  Access achieved without adding every user\domain and conflicting with existing accounts.
0
 
LVL 8

Expert Comment

by:coolfiger
ID: 36496635
glad to have helped !
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
In this article we will learn how to fix  “Cannot install SQL Server 2014 Service Pack 2: Unable to install windows installer msi file” error ?
Familiarize people with the process of retrieving data from SQL Server using an Access pass-thru query. Microsoft Access is a very powerful client/server development tool. One of the ways that you can retrieve data from a SQL Server is by using a pa…
Via a live example, show how to set up a backup for SQL Server using a Maintenance Plan and how to schedule the job into SQL Server Agent.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question