lefodnes
asked on
What user is used by SQL server when connecting to remote file
I'm running this SQL code
However, I would like to connect to the file that is located on 192.168.50.17 (developer machine), but this does not work. Probably because there's not sufficient user rights from SQL Server to access the file system on 192.168.50.17.
Which user is SQL server using here? It is not the same user as I am connecting the SQL session with, because that user has access to the shared folder on 192.168.50.17.
Alternatively, how can I figure out which user is trying to connect to the shared folder on 192.168.50.17 (Win7)
CREATE ASSEMBLY dlls
/*FROM '\\192.168.50.17\SQL-dll\SQL-dll.dll'*/
FROM 'c:\temp\SQL-dll.dll'
GOHowever, I would like to connect to the file that is located on 192.168.50.17 (developer machine), but this does not work. Probably because there's not sufficient user rights from SQL Server to access the file system on 192.168.50.17.
Which user is SQL server using here? It is not the same user as I am connecting the SQL session with, because that user has access to the shared folder on 192.168.50.17.
Alternatively, how can I figure out which user is trying to connect to the shared folder on 192.168.50.17 (Win7)
ASKER
Thanks strivoli. You helped me a little on the way.
I configured auditing for all users, and I watched it while running the same query from either dev machine or the server.
When running from the server SSMS, it connects from the SQL server as my user name (I'm logged in on it), and then it works (using the \\192.168.50.17\SQL-dll\SQ
When running from the dev machine, it connects from the SQL server as "NT-AUTHORITY\Anonymous". Even if I grant Anonymous rights to the folder on the DEV machine, it cannot read the file. Why is it different? Isn't the same SQL processed, no matter where SSMS is connected from?
Is the anonymous on my dev machine not the same as anonymous on the SQL server machine?
I configured auditing for all users, and I watched it while running the same query from either dev machine or the server.
When running from the server SSMS, it connects from the SQL server as my user name (I'm logged in on it), and then it works (using the \\192.168.50.17\SQL-dll\SQ
When running from the dev machine, it connects from the SQL server as "NT-AUTHORITY\Anonymous". Even if I grant Anonymous rights to the folder on the DEV machine, it cannot read the file. Why is it different? Isn't the same SQL processed, no matter where SSMS is connected from?
Is the anonymous on my dev machine not the same as anonymous on the SQL server machine?
I'll send you an official MS link that shows you how to allow anonymous access to a folder. Shortly:
a. Need to allow anonymous at the File System level,
b. Need to allow anonymous at the share level,
c. Need to allow the share to be accessed anonymously.
Will be more precise when I'll send you the full link (don't have it handy and can't find it on the net right now).
Anyway, I don't remember I had to set anonymous access when I faced same problem.
Are the 2 servers members of the same domain?
a. Need to allow anonymous at the File System level,
b. Need to allow anonymous at the share level,
c. Need to allow the share to be accessed anonymously.
Will be more precise when I'll send you the full link (don't have it handy and can't find it on the net right now).
Anyway, I don't remember I had to set anonymous access when I faced same problem.
Are the 2 servers members of the same domain?
I didn't respond to your questions: anonymous is the same independently from the computer it tries to access from. Your anonymous rights aren't enough. This is why I'll send you full details.
ASKER
thanks a lot for your answers. the two different machines are not on the same domain, nor on the same lan.
looking forward to see your link about this issue.thanks again.
looking forward to see your link about this issue.thanks again.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Super! That trick did it :)
In order to be sure which account is used and is access denied to the computer and/or share, set the auditing on the share/folder and have a look at the Windows Security Logs.