Solved

Bulk Insert Access Denied

Posted on 2013-01-08
18
1,075 Views
Last Modified: 2013-10-16
Hi,
 I'm using VB.Net with an SQL Server 2008 R2 DB.
I've got a stored procedure that uses bulk insert to import some files in from a location on the network. It works great when I execute it from sql server.

When I try to execute from the VB app it throws an exeption stating: ex = {"Cannot bulk load because the file "\\usoscs101\DATA\INCOMING\TmTly\GET\Sortfill.TXT" could not be opened. Operating system error code 5(Access is denied.)."}

I haven't been able to grant myself permission for Administer bulk operations. So I'm thinking that might be the problem, but then I'm not sure why I could go into the sp and execute it.  I'm pretty much my own DBA so I'm figuring out some SQL Server as I go.

Thanks,
David
SPcode.txt
VBcode.txt
0
Comment
Question by:coperations07
  • 7
  • 5
  • 3
  • +2
18 Comments
 
LVL 22

Expert Comment

by:Steve Wales
ID: 38757023
Does the user that the SQL Server service runs under have access to the Network Share you're trying to read from ?
0
 

Author Comment

by:coperations07
ID: 38757072
Yes. I drilled down to it just to make sure but it will open when I log in. It uses Windows Authentication.

I also have other applications that hit the same path and execute stored procedures that are running without issue.
0
 
LVL 22

Expert Comment

by:Steve Wales
ID: 38757158
Check the Security Sections of these two documents:

http://msdn.microsoft.com/en-us/library/ms188365.aspx
http://msdn.microsoft.com/en-us/library/ms175915.aspx

I don't know a great deal about the finer details of Windows Security, but between them and this thread: http://social.msdn.microsoft.com/Forums/en-US/transactsql/thread/35578a01-5859-4277-9b70-fc61e3b48813

It seems that the section on "Security Account Delegation (Impersonation)" is what may be relevant.
0
 
LVL 39

Expert Comment

by:appari
ID: 38757331
>>It works great when I execute it from sql server.
Are you using same credentials when executing from sqlserver and vb?
0
 
LVL 10

Expert Comment

by:sqlservr
ID: 38758057
0
 

Author Comment

by:coperations07
ID: 38758884
Yes I'm using the same credentials for vb and sqlserver.

I added the shared path...or atleast followed the steps and executed this:
USE master
go
exec xp_cmdshell 'net use z: \\usoscs101\DATA\INCOMING\TmTly\GET'

I ran the app again and got the same message. Then I changed the path in the SP to 'z:\filename.txt' and it changes the message to an error code 3(file not found).
0
 
LVL 22

Expert Comment

by:Steve Wales
ID: 38758930
What user is the SQL Server service running as ?

Is it the same user you're connecting as ?  The SQL Server service owner, if different from your user, is the user that needs to have access to the file and path.

Does that user have the required permissions ?
0
 

Author Comment

by:coperations07
ID: 38758954
I remote into the server using the same windows login and password that I use to login to my computer that runs the vb app. Is this what you are asking?
0
 
LVL 22

Expert Comment

by:Steve Wales
ID: 38758964
No.

Do Start/Run and and then services.msc.

In the list of Services, you'll see SQL Server (MSSQLSERVER) - assuming it's the default instance.

The last column is usually "Log On As".

What do you see there ?  If it's "Local System" - then it won't have access to the network share.  

SQL Server uses the credentials of the service owner to access that file, not the credentials you use to connect to the SQL Server database engine.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:coperations07
ID: 38759029
Ah...ok.  It doesn't say local system, but it doesn't show my id either. It shows YYYPlantSQLAdmin, which is probably the guy that installed the server. I'll check out the security for that id.
0
 

Author Comment

by:coperations07
ID: 38761002
I got full control rights for the Admin user to that network path, but I'm still running into the same issue.
0
 
LVL 22

Expert Comment

by:Steve Wales
ID: 38761050
Seems like you may need to go back to this:  http://msdn.microsoft.com/en-us/library/ms188365.aspx and visit the section on Security Account Delegation (Impersonation).

I've never done that and am not familiar with that aspect of Windows, so I'm of limited help with that exact setup, sorry.
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 38761542
Provided that the SQL Server service account has the appropriate permissions as indicated previously, then you should be able to access the files using a UNC path (don't use mapped drives).
0
 
LVL 10

Expert Comment

by:sqlservr
ID: 38761794
alter database      dbname set partner timeout 60

change the  database name with dbname
0
 

Author Comment

by:coperations07
ID: 38762994
I'm using the UNC paths. I tried to map the driver earlier, but it didn't fix so I changed back.

sqlservr - when I execute that alter db command I get a message saying the database is not configured for mirroring.
0
 
LVL 75

Accepted Solution

by:
Anthony Perkins earned 500 total points
ID: 38765587
I'm using the UNC paths. I tried to map the driver earlier, but it didn't fix so I changed back.
That is just the point you cannot use a mapped drive when using a service.  So if you are using UNC path, then the only reasons that it would fail is that the SQL Server service account:
1. Does not have the appropriate permissions in SQL Server and/or
2. It is not a domain account or does not have access to the folder on the remote server.
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 38765635
when I execute that alter db command I get a message saying the database is not configured for mirroring.
Just a word of caution:  Please, please read up on any advice provided here, before trying it, a lot of suggestions are useless and some are downright dangerous.  Just a cursory look in SQL Server's BOL would have told you that:
A. It is related to database Mirroring and
B. Setting the timeout period between mirrored instances.

Neither one have anything remotely to do with your question.

Please be careful.
0
 

Author Comment

by:coperations07
ID: 38766945
Thanks ac. I'm going to dig into the security and see what I can find.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article explains how to reset the password of the sa account on a Microsoft SQL Server.  The steps in this article work in SQL 2005, 2008, 2008 R2, 2012, 2014 and 2016.
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now