Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SQL - Grant group access to database fails

Posted on 2013-06-11
5
Medium Priority
?
329 Views
Last Modified: 2013-08-06
Hoping someone can help me out here.

I've create a database in SQL 2005 and need to have users access it via Excel.
If I gran login access to a user account, excel quite happily connects, all is good.

I however want to grant access with an AD global group instead of per user.  When I do so, using the same server & database permissions, Excel gives me a login failed.

To be clear, I'm assigning my database as the default database in the General tab.
Server Roles - Public (default)
User Mapping - public, db_datareader

In the server event log I get a Failure Audit on the user (when I've assigned group access to the database), event ID 18456.

Can't figure this out. Still searching...
Thank you for your time.
0
Comment
Question by:Jay
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 4

Expert Comment

by:TalShyar
ID: 39238352
Take a look at this article if you have not already done so:

http://blogs.msdn.com/b/sql_protocols/archive/2006/02/21/536201.aspx
0
 

Author Comment

by:Jay
ID: 39238678
Thank you.   I went through it but didn't find anything that matched my issue.

So specifically, I'm getting "severity 14, state 16".
Everything Ive read so far point to the login not being set to an active database, yet like I said, the same setup on a user account works fine.
0
 
LVL 25

Expert Comment

by:DBAduck - Ben Miller
ID: 39239994
So to be clear, you have created a global group in AD and added this user, that worked when used alone, to this group.

Then you went into SQL and added this Global Group to Login and set a default database to your database, then mapped this group to a database and assigned db_datareader.

Is that where you are now?
0
 
LVL 75

Accepted Solution

by:
Anthony Perkins earned 1500 total points
ID: 39240004
So you created a Windows Login in SQL Server as opposed to a SQL Server Login?  Did you map the user in the database to this Login?  What does your connection string in Excel look like?
0
 

Author Comment

by:Jay
ID: 39242468
dbaduck - That sounds about right.

Under Security/Logins, I added the user account, assigned the database, and assigned permissions db_datareader.

Works fine.

Same procedure except using the global group doesn't work.  
I'm assuming i should be assinging the database under User Mapping?  Right ? Thats where i would normally select the database and then assign db_datareader.
Server Roles is set to Public
nothing else is changed.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
Viewers will learn how to use the SELECT statement in SQL and will be exposed to the many uses the SELECT statement has.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question