[dba-SQLServer] Back to the login thing

Colby, John JColby at dispec.com
Fri Nov 19 11:35:21 CST 2004


Jim,

I am running Windows XP Pro on all the boxes.  I have SQL Server 2000
installed on all the boxes, a full install.  I am not actually using the SQL
Server piece on anything except Neo2, although the server does start as a
service and is running.  I could unload it if necessary since I really do
not have any use for it on the other boxes ATM.  I would prefer to keep it
installed if possible, just not starting the service.

Notice that SQL Server 2000 is not supposed to run on Windows XP Pro, i.e.
if I just try an install from the disks I get a "won't run on this OS" error
message and refuses to install.  I have no idea why.  I have a copy of SQL
Server that has been modified to allow it to install without asking for a
key or any such and it installs just fine on XP Pro so I have to believe
that it really does run and is just an attempt by MS to force users of SQL
Server to upgrade the server OS software.

At any rate, I do not have a domain controller, just a workgroup.  I am not
savvy enough to get a domain server installed and fear opening a whole slew
of issues by attempting to do so.

What do you mean by setting the login style to classic?  On WinXP?  I have
already done so, each machine presents the Windows 2000 style username /
password dialog at boot.

I would appreciate any info you can send to help me get this thing
happening.

John W. Colby
The DIS Database Guy


-----Original Message-----
From: Jim Lawrence (AccessD) [mailto:accessd at shaw.ca]
Sent: Friday, November 19, 2004 12:20 PM
To: dba-sqlserver at databaseadvisors.com
Subject: RE: [dba-SQLServer] Back to the login thing


Hi John:

It sets the security of each XP station. If these XP stations are also being
used as SQL servers then your NT authentication will not work as the login
will not be properly recognized. Windows2000/XP Servers have issues handling
XP stations default logins (P2P), you will have to setup a domain, if you
can not or do not want to change the login style to 'classic'.

If you need any more information I will send you all I have...(Did this all
the hard way a few months ago and now my two servers, each with a SQL 2000
version and all the stations seem very happy...along with a number of
clients.)

HTH
Jim

-----Original Message-----
From: dba-sqlserver-bounces at databaseadvisors.com
[mailto:dba-sqlserver-bounces at databaseadvisors.com]On Behalf Of Colby,
John
Sent: Friday, November 19, 2004 8:22 AM
To: 'dba-sqlserver at databaseadvisors.com'
Subject: RE: [dba-SQLServer] Back to the login thing


I am an administrator with full rights to everything.

Is the method you described originally aimed at setting security back to
classic?  If so is this change global to all security?  Or is it aimed at
changing the security itself on a selected directory, to allow different
users etc.?  If the latter, why am I setting the security on this specific
directory to handle a SQL login issue?

John W. Colby
The DIS Database Guy


-----Original Message-----
From: Jim Lawrence (AccessD) [mailto:accessd at shaw.ca]
Sent: Thursday, November 18, 2004 12:41 PM
To: dba-sqlserver at databaseadvisors.com
Subject: RE: [dba-SQLServer] Back to the login thing


Hi John:

You should be able to set the security or these directories, when you are
logged in as the administrator by right-mouse clicking on the directory (The
Windows root.), select properties, select the security tab, select the full
access control and allowing the security changes to cascade to all the
subdirectories. (I have assumed that you have setup an administrator login
with unlimited rights, first.)

HTH
Jim

-----Original Message-----
From: dba-sqlserver-bounces at databaseadvisors.com
[mailto:dba-sqlserver-bounces at databaseadvisors.com]On Behalf Of John W.
Colby
Sent: Thursday, November 18, 2004 6:16 AM
To: dba-sqlserver at databaseadvisors.com
Subject: RE: [dba-SQLServer] Back to the login thing


Jim,

I followed you (I think) until I got to

>Navigate to the X:\windows\security\database\ directory and select the
latest *.sdb .

I assume that is the windows directory.  I went there and found two
databases.  Secedit.sdb denies my attempt to open it.  Udated.sdb allows me
to open it but it cannot be expanded per your next instruction.

John W. Colby
www.ColbyConsulting.com

Contribute your unused CPU cycles to a good cause:
http://folding.stanford.edu/

-----Original Message-----
From: dba-sqlserver-bounces at databaseadvisors.com
[mailto:dba-sqlserver-bounces at databaseadvisors.com] On Behalf Of Jim
Lawrence (AccessD)
Sent: Thursday, November 18, 2004 2:16 AM
To: dba-sqlserver at databaseadvisors.com
Subject: RE: [dba-SQLServer] Back to the login thing


Hi All:

XP is a 'bastard' of an OS when it comes to security. Unlike all previous
systems, it has a new method of handling security access, to a station. The
default mode is the 'guest' mode and it has screwed up more uninformed users
and technical support the possibly imagined. There is a way to fix this and
that is by changing the security method to 'classic' mode but it is
carefully hidden. Below are steps to resolve this: (You have to be logged on
as administrator and have access to the WINNT directories and below.):

1. Go to <start> and enter 'mmc' in the <run> field.
2. When the MMC menu pops up select File/Add/Remove Snapin...
3. Select Add on the Add/Remove menu.
4. Select 'Security Configuration and Analysis' from the list menu.
Highlight, Add, Close and OK.
5. At the 'Consul Root' menu, right-mouse click and select 'Open database'.
6. Navigate to the X:\windows\security\database\ directory and select the
latest *.sdb . (Usually 'update.sdb')
7. Expand the 'Security Configuration and Analysis' icon, 'Local Policies'
and 'Security Options'.
8. From the right list double click 'Network Access: Security Model for
Local Accounts'.
9. Tag 'Define this Policy in the database', choose 'Classic - Local users
authentication as themselves', Apply and Exit.

Now you should not have any issues connecting to your SQL now.

HTH
Jim


_______________________________________________
dba-SQLServer mailing list
dba-SQLServer at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-sqlserver
http://www.databaseadvisors.com

_______________________________________________
dba-SQLServer mailing list
dba-SQLServer at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-sqlserver
http://www.databaseadvisors.com

_______________________________________________
dba-SQLServer mailing list
dba-SQLServer at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-sqlserver
http://www.databaseadvisors.com

_______________________________________________
dba-SQLServer mailing list
dba-SQLServer at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-sqlserver
http://www.databaseadvisors.com




More information about the dba-SQLServer mailing list