Hello,
I have a problem with Server Traces. Actually I'm running some different
audit traces on SQL2K, that I can access with SQL Profiler or using System
UDF like "fn_trace_getinfo" and "fn_trace_gettable".
The problem is that I need to access to the audit trace files with a
different user, who is not in sysadmin role. So, I want this is user to be
capable to execute that system UDF.
I grant select permissions on "fn_trace_getinfo" to the user,but when I try
to execute a simple query like
"select * from :: fn_trace_getinfo (default)", I receive a message like
this:
Server: Msg 262, Level 14, State 12, Procedure fn_trace_getinfo, Line 10
FN_TRACE_GETINFO permission denied in database 'master'.
Despite this message I have the permissions I need on master. I've been
reading out in the web and books, and all them say that a member of fix
sysadmin role can execute the UDF. But I wonder if there is a way to give
permissions to another users.
Can anyone help me please?
Thanks in advance.
Victor wrote:
> Hello,
> I have a problem with Server Traces. Actually I'm running some
> different audit traces on SQL2K, that I can access with SQL Profiler
> or using System UDF like "fn_trace_getinfo" and "fn_trace_gettable".
> The problem is that I need to access to the audit trace files with a
> different user, who is not in sysadmin role. So, I want this is user
> to be capable to execute that system UDF.
> I grant select permissions on "fn_trace_getinfo" to the user,but when
> I try to execute a simple query like
> "select * from :: fn_trace_getinfo (default)", I receive a message
> like this:
> Server: Msg 262, Level 14, State 12, Procedure fn_trace_getinfo, Line
> 10 FN_TRACE_GETINFO permission denied in database 'master'.
> Despite this message I have the permissions I need on master. I've
> been reading out in the web and books, and all them say that a member
> of fix sysadmin role can execute the UDF. But I wonder if there is a
> way to give permissions to another users.
> Can anyone help me please?
> Thanks in advance.
Running traces in SQL 2000 is limited to system administrators. SQL 2005
allows you to grant trace rights using the Alter Trace grant.
David Gugick - SQL Server MVP
Quest Software
sql
Showing posts with label permissions. Show all posts
Showing posts with label permissions. Show all posts
Friday, March 30, 2012
Wednesday, March 7, 2012
Problems with change sql permissions after migrating domain user/group accounts into root domain
I have a root domain and child domain.
After using ADMT to migrate the domain user or group into the root domain, when I use enterprise manager to try and change the permissions allocated to that domain user/group, i get the 'Error 15401 NT user or Group not found'.
This is a correct error as the user is now in the root domain, however sql (in sysxlogins) still thinks its in the child domain.
Is there a simpler way, other than collecting the users permissions, deleting the user from SQL then adding back in with the correct domain\username format, then adding the permissions back?
I tried renaming the 'name' in sysxlogins (not recommended) and while that worked, whenever I tried to add the migrated user to another database, the login name was missing and would not resolve.
I believe it is something to do with the SID not matching.
Any ideas on how to fix this ?
You're correct, different SIDs.
Here are some articles that may help.
http://www.sqlservercentral.com/columnists/cBunch/movingyouruserswiththeirdatabases.asp Moving Users
http://www.support.microsoft.com/?id=246133 How To Transfer Logins and Passwords Between SQL Servers
http://www.support.microsoft.com/?id=298897 Mapping Logins & SIDs after a Restore
http://www.dbmaint.com/SyncSqlLogins.asp Utility to map logins to users
http://support.microsoft.com/kb/274188 Troubleshooting Orphan Logins
Subscribe to:
Comments (Atom)