473,399 Members | 3,401 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > microsoft sql server > questions > local admin rights needed to use dsns on w2k3 server?

Join Bytes to post your question to a community of 473,399 software developers and data experts.

Local Admin Rights Needed to Use DSNs on W2K3 Server?

Hi, (sorry this is a long one)

I have MSSQL 2000 (version 8.00.2187) installed on Windows Server 2K3, nothing 'special' has been done to either of these servers as far as configuration goes.

The exact details of the Windows server are Version - 5.2.3790, SP1.

In order to query an Oracle db from SQL, I've set up a linked server within SQL that uses a DSN to connect to the Oracle system. I use ADO to connect to SQL with integrated security (SSPI = True) and users can fire SQL stored procedures via an app. which query the linked server (so these SPs of course are using the DSN).

The problem is that unless the user's domain account (the context which I presume SQL is passing to Windows when using the DSN due to the fact that integrated security is being used) is a member of the local admins group on the server, they obtain a security related error message stating that access is denied. Even if the user is a member of Power Users on the server, they get the same error. However as soon as the users account is a member of local admins on they can fire the stored procedures and get data from the linked server no problems.

I can understand why you would want to place security around DSNs which may be able to connect to a datasource with elevated privileges, but conversely I don't like having to make end users admins of server boxes.

So my question - is it possible to modify our setup in some way to either 1) configure Windows to allow 'normal' users (no elevated windows privileges) to call and use DSNs in the manned described above or 2) configure SQL to not pass a users credentials when calling to Windows to use a DSN (instead perhaps passing the credentials of the SQL service), this way I could grant the right permissions to the SQL account and wouldn't end up with loads of end users being local admins on my server. If this is possible could someone describe to me the steps taken to do this.

I've spoken to someone from IT about this and he suggests opening up permissions on the registry where details of DSNs are stored. Not surprisingly I'm not overly keen on this option.

Thanks for reading this far, any suggestions greatly appreciated!

Cheers,

Ian
Jun 11 '07 #1
1 1895
Motoma
3,237 Expert 2GB
This is a darn good question to which I have no real answer to. I have no experience (read: exactly zero experience) with DSNs, so I can only give broad suggestions on how I would go about this.

My only suggestion is to take a look at the Security tree in Enterprise Manager. Pay particular attention to the Logins and Linked Servers tabs. Thoroughly check all of the permissions for the user accounts in that area.

Sorry I could not be of more help.
Jun 11 '07 #2

Sign in to post your reply or Sign up for a free account.

Similar topics

2
PHP 5.03 IIS 6 Oracle 9i connection help needed
by: jayPLEASEtylerNOwilliamsSPAM | last post by:
Hi, I set up PHP 4.xx using Apache 1.3 on Windows XP to begin a project. The project now needs to be moved to a real test box. Admittedly, I am not quite sure how I was able to access Oracle on my...
PHP
3
Copying Local Profile to network drive in .NET
by: Robert Tarantino | last post by:
Hello, I am trying to find a way to create a scheduled task or service that will copy my local profile folders under "Documents and settings" to a network drive. This would allow me to restore...
.NET Framework
1
Conversion from 2.0 to 2000: Admin has no Administer rights on forms
by: Stephan Neuhaus | last post by:
Hi all. I'm having a problem that's driving me nuts. I am not familiar with Access, but I have read the FAQ, searched google, read the Access Security FAQ, and looked at the Access Web, to no...
Microsoft Access / VBA
6
VS2005 - Unable to open local iis site other than localhost
by: Brad | last post by:
I have a win2003 server workstation with multiple webs, each web has it's own ip address. In VS2005, if I select to open an existing web site, select Local IIS, the dialog correctly displays a...
ASP.NET
10
Login failed for user 'NT AUTHORITY\LOCAL SERVICE'.
by: musosdev | last post by:
Wonder if someone can help! We're getting the following error on our Intranet system as soon as we login.. ------------------ Exception Details: System.Data.SqlClient.SqlException: Login...
ASP.NET
4
Unable to Deploy ASP.Net 2.0 App to Local IIS
by: Tim Brooks | last post by:
All, Not sure where else to go. I have: VS2005, XP SP2 Media Center, IIS5.1 Problem: Apps developed (even simple "Hello WOrld") apps simply won't deploy properly to either my local IIS...
ASP.NET
1
Can someone please describe why impersonation requires the impersonator to be local admin?
by: Daniel | last post by:
Can someone please describe why impersonation requires the impersonator to be local admin?
.NET Framework
0
MSDE, SQL Server Replication & Local Admin Rights
by: BOD661 | last post by:
Hi, Is it true that to operate merge replication with MSDE on a laptop / desktop to a server running SQL Server the user requires local admin rights to their laptop / desktop? Thanks
Microsoft SQL Server
5
Temporarily give the current user Local Admin rights
by: TravisTurman | last post by:
I'm a C# newbie and have inherited a program that runs at login. Part of the program looks at a text file to see which version is installed and then installs the latest greatest version if needed....
C# / C Sharp
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!