Re: Linked Server to MS Access Database Using Mapped Drive
From: Mark Johnson (no-reply@nospam.com)
Date: 08/28/02
- Next message: Mark Johnson: "Running SQL Server Service as Domain User? - Security Concerns?"
- Previous message: Jasper Smith: "Re: Which right to create JOB ?!"
- In reply to: Mark Johnson: "Re: Linked Server to MS Access Database Using Mapped Drive"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Mark Johnson" <no-reply@nospam.com> Date: Wed, 28 Aug 2002 14:08:23 -0400
This probably belongs in a new post in this group, as it is really a
different issue. I will repost to this group with the issue of my security
concerns for the server/domain. Thank-you all for your help!
- Mark
"Mark Johnson" <no-reply@nospam.com> wrote in message
news:eCuYB7pTCHA.1648@tkmsftngp08...
> OK, here's what I did on a test development server to see if this would
> work:
>
> =================================
> 1.) Went to services section in MMC
>
> 2.) Changed services MSSQLSERVER, MSSQLServerADHelper, and SQLSERVERAGENT
to
> all run as a domain user account (my personal domain account, which does
> have access to the necessary sharename on the server where this DB is
> stored)
>
> 3.) Added new linked server with the same information, except I sued the
UNC
> path instead of the mapped drive.
>
> 4.) Yay, it worked.
> =================================
>
> However, I got to thinking. In the event that we had other people who had
> SQL server databases stored on this computer which they were able to
access
> remotely through Enterprise manager to administer their own database(s),
> could this potentially pose a security risk running the SQL server as a
> limited domain user account (moreso than running it as a LOCALSYSTEM
> account), so that if the user knew what the sharename was called, they
would
> be able to somehow access this data through their the SQL server that they
> have an account on?
>
> Also, I will of course be creating a special account for the SQL server
> services to run on. Any tips on what privs to give or to NOT give this
> account? My guess is that it will have to have some more privileges than
> just a regular "User" account which also happens to have access to a share
> on another server on which the accees database is stored, but I dont know
> where to go to find this information.
>
> If anyone out there could point me in the right direction here, I would
> greatly appreciate it.
>
> - Mark
>
>
>
> "BP Margolin" <bpmargo@attglobal.net> wrote in message
> news:OHDJsvjTCHA.2412@tkmsftngp13...
> > Mark,
> >
> > Security is certainly a good first guess :-)
> >
> > Check to see if your SQL Server instance is running under the
LocalSystem
> > account. The LocalSystem account has no network permissions. If it is
> > running under LocalSystem, consider changing the account to a Domain
> account
> > with more appropriate permissions.
> >
> > -------------------------------------------
> > BP Margolin
> > Please reply only to the newsgroups.
> > When posting, inclusion of SQL (CREATE TABLE ..., INSERT ..., etc.)
which
> > can be cut and pasted into Query Analyzer is appreciated.
> >
> > "Mark Johnson" <no-reply@nospam.com> wrote in message
> > news:#UehirhTCHA.3896@tkmsftngp11...
> > > Hello:
> > >
> > > As you may or may not have seen from my recent postings in this group,
I
> > > have been working on creating a linked server connection to an access
> > > databas on the same server as the sql server installation, which I
have
> > done
> > > successfully. however, when I try to change the location of the
databse
> > to
> > > a mapped drive to another server, I get this error:
> > >
> > > ===============================
> > > Server: Msg 7399, Level 16, State 1, Line 1
> > > OLE DB provider 'Microsoft.Jet.OLEDB.4.0' reported an error.
> > > [OLE/DB provider returned message: 'z:\test\mydb.mdb' is not a valid
> path.
> > > Make sure that the path name is spelled correctly and that you are
> > connected
> > > to the server on which the file resides.]
> > > ===============================
> > >
> > > I get a similar error if I try to use the UNC pathname for the
> connection
> > > (\\myserver\sharename\test\mydb.mdb).
> > >
> > > Any ideas on this? I think it has something to do with what user SQL
> > server
> > > is running as, and security permissions to that mapped drive are not
> > > sufficient to connect to it as the user that SQL Server is running as.
> > Any
> > > ideas on this?
> > >
> > > - Mark
> > >
> > >
> >
> >
>
>
- Next message: Mark Johnson: "Running SQL Server Service as Domain User? - Security Concerns?"
- Previous message: Jasper Smith: "Re: Which right to create JOB ?!"
- In reply to: Mark Johnson: "Re: Linked Server to MS Access Database Using Mapped Drive"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
