Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 493
  • Last Modified:

Lost permissions MS Sql server

Hi all!

Something strange has happened, suddenly only domain users an sa-account have connect-only access to the SQL-server. Domain admins are gone, and I am unable to do anything since all users only have connect-access. I haven't done anything to the server at all, it just suddenly was a problem backing up the database because of the lack of permissions.

Thanks for any help

Kjetil
0
Sekodata
Asked:
Sekodata
  • 2
  • 2
1 Solution
 
Marten RuneSQL Expert/Infrastructure ArchitectCommented:
What does the errorlog say?
http://support.microsoft.com/kb/966659

Do you backup through a sql agent job, if so what account is the SQL agent running under?

Does the windows applicationlog reveal anything of interest

Come back with answers to these questions and well figure this out.

Regards Marten
0
 
SekodataAuthor Commented:
Hi, the event log:
Login failed for user 'sa'. Reason: An error occurred while evaluating the password. [CLIENT: (ip-address)]

the sql log:
2014-02-14 13:44:57.11 Logon       Error: 18456, Severity: 14, State: 7.
2014-02-14 13:44:57.11 Logon       Login failed for user 'sa'. Reason: An error occurred while evaluating the password. [CLIENT: (ip-address)]
2014-02-14 13:44:58.25 Backup      Error: 3041, Severity: 16, State: 1.
2014-02-14 13:44:58.25 Backup      BACKUP failed to complete the command BACKUP DATABASE (databasename)
0
 
Marten RuneSQL Expert/Infrastructure ArchitectCommented:
State 7: The login is disabled *and* the password is incorrect.
http://sqlblog.com/blogs/aaron_bertrand/archive/2011/01/14/sql-server-v-next-denali-additional-states-for-error-18456.aspx

I'm guessing the authentication mode is not mixed mode, since the SA account is disabled.
Otherwise it can't be disabled if I'm not incorrect.

If you hav a account use it, otherwise restart SQL using the -m
(Start the instance of SQL Server in single-user mode by using either the -m options)
http://technet.microsoft.com/en-us/library/dd207004(v=sql.105).aspx
Now local admins can logon.

Your main problem is probably that there is no known fullbackups, so log backups cannot be performed, se:
http://social.msdn.microsoft.com/Forums/sqlserver/en-US/13e7a89e-bc75-492c-98c6-24e4158f76c3/error-3041-severity-16-state-1-check-the-backup-application-log?forum=sqltools

So fix the accounts (starting up with -m switch), correct the accounts, run a native fullbackup and logbackup to see that they work (don't throw these). Run your backups using your 3'rd party tool. verify the backups on a different server or something similar. Now you can throw the native backups you did earliare.

Regards Marten
0
 
SekodataAuthor Commented:
I've requested that this question be deleted for the following reason:

no fix
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now