I'm going to be installing a sql server behind a firewall. I'd appreciate
any best practice advice on changing the default port number and also wanted
to know if there was a way to secure a sql server by granting access only to
specific IP addresses?
Hi Scott,
Really best practice is changing the default port number of the SQL Server.
But granting access to specific IP addresses only machine 1 to machine 2 or
ip address.
Hugs,
Rodrigo Fernandes
MCSE/MCDBA
"scott" wrote:
> I'm going to be installing a sql server behind a firewall. I'd appreciate
> any best practice advice on changing the default port number and also wanted
> to know if there was a way to secure a sql server by granting access only to
> specific IP addresses?
>
>
|||What do you mean by saying 'but granting access ...'?
"Rodrigo Fernandes" <RodrigoFernandes@.discussions.microsoft.com> wrote in
message news:94A130F7-B240-44DF-9054-9E2BC08D9DE3@.microsoft.com...[vbcol=seagreen]
> Hi Scott,
> Really best practice is changing the default port number of the SQL
> Server.
> But granting access to specific IP addresses only machine 1 to machine 2
> or
> ip address.
> Hugs,
> Rodrigo Fernandes
> MCSE/MCDBA
> "scott" wrote:
Showing posts with label security. Show all posts
Showing posts with label security. Show all posts
Friday, March 30, 2012
Restrict Port Security
I'm going to be installing a sql server behind a firewall. I'd appreciate
any best practice advice on changing the default port number and also wanted
to know if there was a way to secure a sql server by granting access only to
specific IP addresses?Hi Scott,
Really best practice is changing the default port number of the SQL Server.
But granting access to specific IP addresses only machine 1 to machine 2 or
ip address.
Hugs,
Rodrigo Fernandes
MCSE/MCDBA
"scott" wrote:
> I'm going to be installing a sql server behind a firewall. I'd appreciate
> any best practice advice on changing the default port number and also want
ed
> to know if there was a way to secure a sql server by granting access only
to
> specific IP addresses?
>
>|||What do you mean by saying 'but granting access ...'?
"Rodrigo Fernandes" <RodrigoFernandes@.discussions.microsoft.com> wrote in
message news:94A130F7-B240-44DF-9054-9E2BC08D9DE3@.microsoft.com...[vbcol=seagreen]
> Hi Scott,
> Really best practice is changing the default port number of the SQL
> Server.
> But granting access to specific IP addresses only machine 1 to machine 2
> or
> ip address.
> Hugs,
> Rodrigo Fernandes
> MCSE/MCDBA
> "scott" wrote:
>
any best practice advice on changing the default port number and also wanted
to know if there was a way to secure a sql server by granting access only to
specific IP addresses?Hi Scott,
Really best practice is changing the default port number of the SQL Server.
But granting access to specific IP addresses only machine 1 to machine 2 or
ip address.
Hugs,
Rodrigo Fernandes
MCSE/MCDBA
"scott" wrote:
> I'm going to be installing a sql server behind a firewall. I'd appreciate
> any best practice advice on changing the default port number and also want
ed
> to know if there was a way to secure a sql server by granting access only
to
> specific IP addresses?
>
>|||What do you mean by saying 'but granting access ...'?
"Rodrigo Fernandes" <RodrigoFernandes@.discussions.microsoft.com> wrote in
message news:94A130F7-B240-44DF-9054-9E2BC08D9DE3@.microsoft.com...[vbcol=seagreen]
> Hi Scott,
> Really best practice is changing the default port number of the SQL
> Server.
> But granting access to specific IP addresses only machine 1 to machine 2
> or
> ip address.
> Hugs,
> Rodrigo Fernandes
> MCSE/MCDBA
> "scott" wrote:
>
Restrict Port Security
I'm going to be installing a sql server behind a firewall. I'd appreciate
any best practice advice on changing the default port number and also wanted
to know if there was a way to secure a sql server by granting access only to
specific IP addresses?Hi Scott,
Really best practice is changing the default port number of the SQL Server.
But granting access to specific IP addresses only machine 1 to machine 2 or
ip address.
Hugs,
Rodrigo Fernandes
MCSE/MCDBA
"scott" wrote:
> I'm going to be installing a sql server behind a firewall. I'd appreciate
> any best practice advice on changing the default port number and also wanted
> to know if there was a way to secure a sql server by granting access only to
> specific IP addresses?
>
>|||What do you mean by saying 'but granting access ...'?
"Rodrigo Fernandes" <RodrigoFernandes@.discussions.microsoft.com> wrote in
message news:94A130F7-B240-44DF-9054-9E2BC08D9DE3@.microsoft.com...
> Hi Scott,
> Really best practice is changing the default port number of the SQL
> Server.
> But granting access to specific IP addresses only machine 1 to machine 2
> or
> ip address.
> Hugs,
> Rodrigo Fernandes
> MCSE/MCDBA
> "scott" wrote:
>> I'm going to be installing a sql server behind a firewall. I'd appreciate
>> any best practice advice on changing the default port number and also
>> wanted
>> to know if there was a way to secure a sql server by granting access only
>> to
>> specific IP addresses?
>>sql
any best practice advice on changing the default port number and also wanted
to know if there was a way to secure a sql server by granting access only to
specific IP addresses?Hi Scott,
Really best practice is changing the default port number of the SQL Server.
But granting access to specific IP addresses only machine 1 to machine 2 or
ip address.
Hugs,
Rodrigo Fernandes
MCSE/MCDBA
"scott" wrote:
> I'm going to be installing a sql server behind a firewall. I'd appreciate
> any best practice advice on changing the default port number and also wanted
> to know if there was a way to secure a sql server by granting access only to
> specific IP addresses?
>
>|||What do you mean by saying 'but granting access ...'?
"Rodrigo Fernandes" <RodrigoFernandes@.discussions.microsoft.com> wrote in
message news:94A130F7-B240-44DF-9054-9E2BC08D9DE3@.microsoft.com...
> Hi Scott,
> Really best practice is changing the default port number of the SQL
> Server.
> But granting access to specific IP addresses only machine 1 to machine 2
> or
> ip address.
> Hugs,
> Rodrigo Fernandes
> MCSE/MCDBA
> "scott" wrote:
>> I'm going to be installing a sql server behind a firewall. I'd appreciate
>> any best practice advice on changing the default port number and also
>> wanted
>> to know if there was a way to secure a sql server by granting access only
>> to
>> specific IP addresses?
>>sql
restrict enterprise manager to see all the databases
Hi,
my question is about security, but I am sure it has something to do
with the server configuration. It is about normal users other than SA.
In the server, multiple users, and each user has ownership of a
seperate database. When any of these users connect to the sql server
via Enterprise Manager, they are able to see all the databases, not
only they owned, also other databases they do not have ownership of.
Not that, they can see the tables or the data, but this still
bothers the user(s). How can I restrict the normal users to see only
their database(s) when they logged in thru enterprise manager with
their username and password ?
I aplogize if this quesiton has asked before and answered. If so,
please direct me to the correct link, I could not seek it.
Thank you.
Hi,
As far as I know there is a no way to restrict this in enterprise manager.
You can only hide system databases and system tables
from SQL Server's Registration Properties.
Thanks
Hari
SQL Server MVP
"murtix van basten" <murtix@.gmail.com> wrote in message
news:1158899177.310068.275240@.d34g2000cwd.googlegr oups.com...
> Hi,
> my question is about security, but I am sure it has something to do
> with the server configuration. It is about normal users other than SA.
> In the server, multiple users, and each user has ownership of a
> seperate database. When any of these users connect to the sql server
> via Enterprise Manager, they are able to see all the databases, not
> only they owned, also other databases they do not have ownership of.
> Not that, they can see the tables or the data, but this still
> bothers the user(s). How can I restrict the normal users to see only
> their database(s) when they logged in thru enterprise manager with
> their username and password ?
> I aplogize if this quesiton has asked before and answered. If so,
> please direct me to the correct link, I could not seek it.
> Thank you.
>
|||murtix van basten wrote:
> Hi,
> my question is about security, but I am sure it has something to do
> with the server configuration. It is about normal users other than SA.
> In the server, multiple users, and each user has ownership of a
> seperate database. When any of these users connect to the sql server
> via Enterprise Manager, they are able to see all the databases, not
> only they owned, also other databases they do not have ownership of.
> Not that, they can see the tables or the data, but this still
> bothers the user(s). How can I restrict the normal users to see only
> their database(s) when they logged in thru enterprise manager with
> their username and password ?
> I aplogize if this quesiton has asked before and answered. If so,
> please direct me to the correct link, I could not seek it.
> Thank you.
>
Can't do this with Enterprise Manager...
Tracy McKibben
MCDBA
http://www.realsqlguy.com
|||Thank you for the answers.
Tracy McKibben wrote:
> murtix van basten wrote:
> Can't do this with Enterprise Manager...
>
> --
> Tracy McKibben
> MCDBA
> http://www.realsqlguy.com
my question is about security, but I am sure it has something to do
with the server configuration. It is about normal users other than SA.
In the server, multiple users, and each user has ownership of a
seperate database. When any of these users connect to the sql server
via Enterprise Manager, they are able to see all the databases, not
only they owned, also other databases they do not have ownership of.
Not that, they can see the tables or the data, but this still
bothers the user(s). How can I restrict the normal users to see only
their database(s) when they logged in thru enterprise manager with
their username and password ?
I aplogize if this quesiton has asked before and answered. If so,
please direct me to the correct link, I could not seek it.
Thank you.
Hi,
As far as I know there is a no way to restrict this in enterprise manager.
You can only hide system databases and system tables
from SQL Server's Registration Properties.
Thanks
Hari
SQL Server MVP
"murtix van basten" <murtix@.gmail.com> wrote in message
news:1158899177.310068.275240@.d34g2000cwd.googlegr oups.com...
> Hi,
> my question is about security, but I am sure it has something to do
> with the server configuration. It is about normal users other than SA.
> In the server, multiple users, and each user has ownership of a
> seperate database. When any of these users connect to the sql server
> via Enterprise Manager, they are able to see all the databases, not
> only they owned, also other databases they do not have ownership of.
> Not that, they can see the tables or the data, but this still
> bothers the user(s). How can I restrict the normal users to see only
> their database(s) when they logged in thru enterprise manager with
> their username and password ?
> I aplogize if this quesiton has asked before and answered. If so,
> please direct me to the correct link, I could not seek it.
> Thank you.
>
|||murtix van basten wrote:
> Hi,
> my question is about security, but I am sure it has something to do
> with the server configuration. It is about normal users other than SA.
> In the server, multiple users, and each user has ownership of a
> seperate database. When any of these users connect to the sql server
> via Enterprise Manager, they are able to see all the databases, not
> only they owned, also other databases they do not have ownership of.
> Not that, they can see the tables or the data, but this still
> bothers the user(s). How can I restrict the normal users to see only
> their database(s) when they logged in thru enterprise manager with
> their username and password ?
> I aplogize if this quesiton has asked before and answered. If so,
> please direct me to the correct link, I could not seek it.
> Thank you.
>
Can't do this with Enterprise Manager...
Tracy McKibben
MCDBA
http://www.realsqlguy.com
|||Thank you for the answers.
Tracy McKibben wrote:
> murtix van basten wrote:
> Can't do this with Enterprise Manager...
>
> --
> Tracy McKibben
> MCDBA
> http://www.realsqlguy.com
restrict enterprise manager to see all the databases
Hi,
my question is about security, but I am sure it has something to do
with the server configuration. It is about normal users other than SA.
In the server, multiple users, and each user has ownership of a
seperate database. When any of these users connect to the sql server
via Enterprise Manager, they are able to see all the databases, not
only they owned, also other databases they do not have ownership of.
Not that, they can see the tables or the data, but this still
bothers the user(s). How can I restrict the normal users to see only
their database(s) when they logged in thru enterprise manager with
their username and password ?
I aplogize if this quesiton has asked before and answered. If so,
please direct me to the correct link, I could not seek it.
Thank you.Hi,
As far as I know there is a no way to restrict this in enterprise manager.
You can only hide system databases and system tables
from SQL Server's Registration Properties.
Thanks
Hari
SQL Server MVP
"murtix van basten" <murtix@.gmail.com> wrote in message
news:1158899177.310068.275240@.d34g2000cwd.googlegroups.com...
> Hi,
> my question is about security, but I am sure it has something to do
> with the server configuration. It is about normal users other than SA.
> In the server, multiple users, and each user has ownership of a
> seperate database. When any of these users connect to the sql server
> via Enterprise Manager, they are able to see all the databases, not
> only they owned, also other databases they do not have ownership of.
> Not that, they can see the tables or the data, but this still
> bothers the user(s). How can I restrict the normal users to see only
> their database(s) when they logged in thru enterprise manager with
> their username and password ?
> I aplogize if this quesiton has asked before and answered. If so,
> please direct me to the correct link, I could not seek it.
> Thank you.
>|||murtix van basten wrote:
> Hi,
> my question is about security, but I am sure it has something to do
> with the server configuration. It is about normal users other than SA.
> In the server, multiple users, and each user has ownership of a
> seperate database. When any of these users connect to the sql server
> via Enterprise Manager, they are able to see all the databases, not
> only they owned, also other databases they do not have ownership of.
> Not that, they can see the tables or the data, but this still
> bothers the user(s). How can I restrict the normal users to see only
> their database(s) when they logged in thru enterprise manager with
> their username and password ?
> I aplogize if this quesiton has asked before and answered. If so,
> please direct me to the correct link, I could not seek it.
> Thank you.
>
Can't do this with Enterprise Manager...
Tracy McKibben
MCDBA
http://www.realsqlguy.com|||Thank you for the answers.
Tracy McKibben wrote:
> murtix van basten wrote:
> > Hi,
> >
> > my question is about security, but I am sure it has something to do
> > with the server configuration. It is about normal users other than SA.
> >
> > In the server, multiple users, and each user has ownership of a
> > seperate database. When any of these users connect to the sql server
> > via Enterprise Manager, they are able to see all the databases, not
> > only they owned, also other databases they do not have ownership of.
> >
> > Not that, they can see the tables or the data, but this still
> > bothers the user(s). How can I restrict the normal users to see only
> > their database(s) when they logged in thru enterprise manager with
> > their username and password ?
> >
> > I aplogize if this quesiton has asked before and answered. If so,
> > please direct me to the correct link, I could not seek it.
> >
> > Thank you.
> >
> Can't do this with Enterprise Manager...
>
> --
> Tracy McKibben
> MCDBA
> http://www.realsqlguy.com
my question is about security, but I am sure it has something to do
with the server configuration. It is about normal users other than SA.
In the server, multiple users, and each user has ownership of a
seperate database. When any of these users connect to the sql server
via Enterprise Manager, they are able to see all the databases, not
only they owned, also other databases they do not have ownership of.
Not that, they can see the tables or the data, but this still
bothers the user(s). How can I restrict the normal users to see only
their database(s) when they logged in thru enterprise manager with
their username and password ?
I aplogize if this quesiton has asked before and answered. If so,
please direct me to the correct link, I could not seek it.
Thank you.Hi,
As far as I know there is a no way to restrict this in enterprise manager.
You can only hide system databases and system tables
from SQL Server's Registration Properties.
Thanks
Hari
SQL Server MVP
"murtix van basten" <murtix@.gmail.com> wrote in message
news:1158899177.310068.275240@.d34g2000cwd.googlegroups.com...
> Hi,
> my question is about security, but I am sure it has something to do
> with the server configuration. It is about normal users other than SA.
> In the server, multiple users, and each user has ownership of a
> seperate database. When any of these users connect to the sql server
> via Enterprise Manager, they are able to see all the databases, not
> only they owned, also other databases they do not have ownership of.
> Not that, they can see the tables or the data, but this still
> bothers the user(s). How can I restrict the normal users to see only
> their database(s) when they logged in thru enterprise manager with
> their username and password ?
> I aplogize if this quesiton has asked before and answered. If so,
> please direct me to the correct link, I could not seek it.
> Thank you.
>|||murtix van basten wrote:
> Hi,
> my question is about security, but I am sure it has something to do
> with the server configuration. It is about normal users other than SA.
> In the server, multiple users, and each user has ownership of a
> seperate database. When any of these users connect to the sql server
> via Enterprise Manager, they are able to see all the databases, not
> only they owned, also other databases they do not have ownership of.
> Not that, they can see the tables or the data, but this still
> bothers the user(s). How can I restrict the normal users to see only
> their database(s) when they logged in thru enterprise manager with
> their username and password ?
> I aplogize if this quesiton has asked before and answered. If so,
> please direct me to the correct link, I could not seek it.
> Thank you.
>
Can't do this with Enterprise Manager...
Tracy McKibben
MCDBA
http://www.realsqlguy.com|||Thank you for the answers.
Tracy McKibben wrote:
> murtix van basten wrote:
> > Hi,
> >
> > my question is about security, but I am sure it has something to do
> > with the server configuration. It is about normal users other than SA.
> >
> > In the server, multiple users, and each user has ownership of a
> > seperate database. When any of these users connect to the sql server
> > via Enterprise Manager, they are able to see all the databases, not
> > only they owned, also other databases they do not have ownership of.
> >
> > Not that, they can see the tables or the data, but this still
> > bothers the user(s). How can I restrict the normal users to see only
> > their database(s) when they logged in thru enterprise manager with
> > their username and password ?
> >
> > I aplogize if this quesiton has asked before and answered. If so,
> > please direct me to the correct link, I could not seek it.
> >
> > Thank you.
> >
> Can't do this with Enterprise Manager...
>
> --
> Tracy McKibben
> MCDBA
> http://www.realsqlguy.com
restrict enterprise manager to see all the databases
Hi,
my question is about security, but I am sure it has something to do
with the server configuration. It is about normal users other than SA.
In the server, multiple users, and each user has ownership of a
seperate database. When any of these users connect to the sql server
via Enterprise Manager, they are able to see all the databases, not
only they owned, also other databases they do not have ownership of.
Not that, they can see the tables or the data, but this still
bothers the user(s). How can I restrict the normal users to see only
their database(s) when they logged in thru enterprise manager with
their username and password ?
I aplogize if this quesiton has asked before and answered. If so,
please direct me to the correct link, I could not seek it.
Thank you.Hi,
As far as I know there is a no way to restrict this in enterprise manager.
You can only hide system databases and system tables
from SQL Server's Registration Properties.
Thanks
Hari
SQL Server MVP
"murtix van basten" <murtix@.gmail.com> wrote in message
news:1158899177.310068.275240@.d34g2000cwd.googlegroups.com...
> Hi,
> my question is about security, but I am sure it has something to do
> with the server configuration. It is about normal users other than SA.
> In the server, multiple users, and each user has ownership of a
> seperate database. When any of these users connect to the sql server
> via Enterprise Manager, they are able to see all the databases, not
> only they owned, also other databases they do not have ownership of.
> Not that, they can see the tables or the data, but this still
> bothers the user(s). How can I restrict the normal users to see only
> their database(s) when they logged in thru enterprise manager with
> their username and password ?
> I aplogize if this quesiton has asked before and answered. If so,
> please direct me to the correct link, I could not seek it.
> Thank you.
>|||murtix van basten wrote:
> Hi,
> my question is about security, but I am sure it has something to do
> with the server configuration. It is about normal users other than SA.
> In the server, multiple users, and each user has ownership of a
> seperate database. When any of these users connect to the sql server
> via Enterprise Manager, they are able to see all the databases, not
> only they owned, also other databases they do not have ownership of.
> Not that, they can see the tables or the data, but this still
> bothers the user(s). How can I restrict the normal users to see only
> their database(s) when they logged in thru enterprise manager with
> their username and password ?
> I aplogize if this quesiton has asked before and answered. If so,
> please direct me to the correct link, I could not seek it.
> Thank you.
>
Can't do this with Enterprise Manager...
Tracy McKibben
MCDBA
http://www.realsqlguy.com|||Thank you for the answers.
Tracy McKibben wrote:
> murtix van basten wrote:
> Can't do this with Enterprise Manager...
>
> --
> Tracy McKibben
> MCDBA
> http://www.realsqlguy.com
my question is about security, but I am sure it has something to do
with the server configuration. It is about normal users other than SA.
In the server, multiple users, and each user has ownership of a
seperate database. When any of these users connect to the sql server
via Enterprise Manager, they are able to see all the databases, not
only they owned, also other databases they do not have ownership of.
Not that, they can see the tables or the data, but this still
bothers the user(s). How can I restrict the normal users to see only
their database(s) when they logged in thru enterprise manager with
their username and password ?
I aplogize if this quesiton has asked before and answered. If so,
please direct me to the correct link, I could not seek it.
Thank you.Hi,
As far as I know there is a no way to restrict this in enterprise manager.
You can only hide system databases and system tables
from SQL Server's Registration Properties.
Thanks
Hari
SQL Server MVP
"murtix van basten" <murtix@.gmail.com> wrote in message
news:1158899177.310068.275240@.d34g2000cwd.googlegroups.com...
> Hi,
> my question is about security, but I am sure it has something to do
> with the server configuration. It is about normal users other than SA.
> In the server, multiple users, and each user has ownership of a
> seperate database. When any of these users connect to the sql server
> via Enterprise Manager, they are able to see all the databases, not
> only they owned, also other databases they do not have ownership of.
> Not that, they can see the tables or the data, but this still
> bothers the user(s). How can I restrict the normal users to see only
> their database(s) when they logged in thru enterprise manager with
> their username and password ?
> I aplogize if this quesiton has asked before and answered. If so,
> please direct me to the correct link, I could not seek it.
> Thank you.
>|||murtix van basten wrote:
> Hi,
> my question is about security, but I am sure it has something to do
> with the server configuration. It is about normal users other than SA.
> In the server, multiple users, and each user has ownership of a
> seperate database. When any of these users connect to the sql server
> via Enterprise Manager, they are able to see all the databases, not
> only they owned, also other databases they do not have ownership of.
> Not that, they can see the tables or the data, but this still
> bothers the user(s). How can I restrict the normal users to see only
> their database(s) when they logged in thru enterprise manager with
> their username and password ?
> I aplogize if this quesiton has asked before and answered. If so,
> please direct me to the correct link, I could not seek it.
> Thank you.
>
Can't do this with Enterprise Manager...
Tracy McKibben
MCDBA
http://www.realsqlguy.com|||Thank you for the answers.
Tracy McKibben wrote:
> murtix van basten wrote:
> Can't do this with Enterprise Manager...
>
> --
> Tracy McKibben
> MCDBA
> http://www.realsqlguy.com
Wednesday, March 28, 2012
Restrict ASP.NET app DB permissions using Integrated Security
How might I Restrict ASP.NET app DB permissions using Integrated Security?
I can see how it's done with SQL Authentication, but I'd prefer to do it with Windows Authentication.
Is it a matter of restricting the permissions of the general ASP.NET user (“NT AUTHORITY\NETWORK SERVICE”)...seems like it might affect too much.
Or can I have a Windows user/identity/account that is specific to a single ASP.NET Application?
Any guidance on this would be appreciated.
Thanks!
You can assign a specific domain account to the application.
Check out using an 'Application Pool' for Web Security.
|||Bingo. Thanks!Wednesday, March 21, 2012
Restoring security access using rsconfig?
Hi,
I have accidentally removed myself from the Home folder of my local
installation of reporting services. My security group was using an old
domain group and RS warned me that it was invalid. I deleted the entry
which was Content Manager, thinking that I was in the
BuiltIn/Administrators group and therefore would still have access to
localhost/reports. Unfortunately, I realised that I was not in the
administrators group on my PC (A company policy), so I lost all access
to my reports deployment. However, when I got added to the local
administrators group, I found that I still did not have access to the
Reports website.
My question is: Is there a way to manually add a user as a Content
Manager without using the http://localhost/Reports website? I seem to
recall a possible way using rsconfig, but have not been able to find a
relevant posting. I really do not want to uninstall and reinstall RS.
Thanks!To reply to myself in case other people ever have this problem:
I don't think you can do it with rsconfig.
In the end, I went into the ReportServer database and looked at the
users, roles and policies tables.
I found a user that was in the database as a Content Manager
(builtin/administrators is usually in there by default, but I had
another user there).
I then edited the PolicyUserRole table to change the user_id for a user
that had Content Manager access and a policy of "0" for my own user.
This let me back into the localhost/reports page where I then added my
domain name again. If you don't have a Content Manager already, take
the guid for that role and paste it into your role.
If I didn't have a user in there, I assume I could just add one, but I
am unsure about the generation of the guid.
I don't know what the official way to do this is, but as a hack, it
worked.
MDXQuery wrote:
> Hi,
> I have accidentally removed myself from the Home folder of my local
> installation of reporting services. My security group was using an old
> domain group and RS warned me that it was invalid. I deleted the entry
> which was Content Manager, thinking that I was in the
> BuiltIn/Administrators group and therefore would still have access to
> localhost/reports. Unfortunately, I realised that I was not in the
> administrators group on my PC (A company policy), so I lost all access
> to my reports deployment. However, when I got added to the local
> administrators group, I found that I still did not have access to the
> Reports website.
> My question is: Is there a way to manually add a user as a Content
> Manager without using the http://localhost/Reports website? I seem to
> recall a possible way using rsconfig, but have not been able to find a
> relevant posting. I really do not want to uninstall and reinstall RS.
> Thanks!|||If you can add yourself to the local admininstrator role of the server that
RS resides on, then you will automatically have all the rights you need with
RS.
Bruce Loehle-Conger
MVP SQL Server Reporting Services
"MDXQuery" <imgroup1@.hotmail.com> wrote in message
news:1125056826.979578.163790@.g43g2000cwa.googlegroups.com...
> To reply to myself in case other people ever have this problem:
> I don't think you can do it with rsconfig.
> In the end, I went into the ReportServer database and looked at the
> users, roles and policies tables.
> I found a user that was in the database as a Content Manager
> (builtin/administrators is usually in there by default, but I had
> another user there).
> I then edited the PolicyUserRole table to change the user_id for a user
> that had Content Manager access and a policy of "0" for my own user.
> This let me back into the localhost/reports page where I then added my
> domain name again. If you don't have a Content Manager already, take
> the guid for that role and paste it into your role.
> If I didn't have a user in there, I assume I could just add one, but I
> am unsure about the generation of the guid.
> I don't know what the official way to do this is, but as a hack, it
> worked.
>
>
> MDXQuery wrote:
>> Hi,
>> I have accidentally removed myself from the Home folder of my local
>> installation of reporting services. My security group was using an old
>> domain group and RS warned me that it was invalid. I deleted the entry
>> which was Content Manager, thinking that I was in the
>> BuiltIn/Administrators group and therefore would still have access to
>> localhost/reports. Unfortunately, I realised that I was not in the
>> administrators group on my PC (A company policy), so I lost all access
>> to my reports deployment. However, when I got added to the local
>> administrators group, I found that I still did not have access to the
>> Reports website.
>> My question is: Is there a way to manually add a user as a Content
>> Manager without using the http://localhost/Reports website? I seem to
>> recall a possible way using rsconfig, but have not been able to find a
>> relevant posting. I really do not want to uninstall and reinstall RS.
>> Thanks!
>
I have accidentally removed myself from the Home folder of my local
installation of reporting services. My security group was using an old
domain group and RS warned me that it was invalid. I deleted the entry
which was Content Manager, thinking that I was in the
BuiltIn/Administrators group and therefore would still have access to
localhost/reports. Unfortunately, I realised that I was not in the
administrators group on my PC (A company policy), so I lost all access
to my reports deployment. However, when I got added to the local
administrators group, I found that I still did not have access to the
Reports website.
My question is: Is there a way to manually add a user as a Content
Manager without using the http://localhost/Reports website? I seem to
recall a possible way using rsconfig, but have not been able to find a
relevant posting. I really do not want to uninstall and reinstall RS.
Thanks!To reply to myself in case other people ever have this problem:
I don't think you can do it with rsconfig.
In the end, I went into the ReportServer database and looked at the
users, roles and policies tables.
I found a user that was in the database as a Content Manager
(builtin/administrators is usually in there by default, but I had
another user there).
I then edited the PolicyUserRole table to change the user_id for a user
that had Content Manager access and a policy of "0" for my own user.
This let me back into the localhost/reports page where I then added my
domain name again. If you don't have a Content Manager already, take
the guid for that role and paste it into your role.
If I didn't have a user in there, I assume I could just add one, but I
am unsure about the generation of the guid.
I don't know what the official way to do this is, but as a hack, it
worked.
MDXQuery wrote:
> Hi,
> I have accidentally removed myself from the Home folder of my local
> installation of reporting services. My security group was using an old
> domain group and RS warned me that it was invalid. I deleted the entry
> which was Content Manager, thinking that I was in the
> BuiltIn/Administrators group and therefore would still have access to
> localhost/reports. Unfortunately, I realised that I was not in the
> administrators group on my PC (A company policy), so I lost all access
> to my reports deployment. However, when I got added to the local
> administrators group, I found that I still did not have access to the
> Reports website.
> My question is: Is there a way to manually add a user as a Content
> Manager without using the http://localhost/Reports website? I seem to
> recall a possible way using rsconfig, but have not been able to find a
> relevant posting. I really do not want to uninstall and reinstall RS.
> Thanks!|||If you can add yourself to the local admininstrator role of the server that
RS resides on, then you will automatically have all the rights you need with
RS.
Bruce Loehle-Conger
MVP SQL Server Reporting Services
"MDXQuery" <imgroup1@.hotmail.com> wrote in message
news:1125056826.979578.163790@.g43g2000cwa.googlegroups.com...
> To reply to myself in case other people ever have this problem:
> I don't think you can do it with rsconfig.
> In the end, I went into the ReportServer database and looked at the
> users, roles and policies tables.
> I found a user that was in the database as a Content Manager
> (builtin/administrators is usually in there by default, but I had
> another user there).
> I then edited the PolicyUserRole table to change the user_id for a user
> that had Content Manager access and a policy of "0" for my own user.
> This let me back into the localhost/reports page where I then added my
> domain name again. If you don't have a Content Manager already, take
> the guid for that role and paste it into your role.
> If I didn't have a user in there, I assume I could just add one, but I
> am unsure about the generation of the guid.
> I don't know what the official way to do this is, but as a hack, it
> worked.
>
>
> MDXQuery wrote:
>> Hi,
>> I have accidentally removed myself from the Home folder of my local
>> installation of reporting services. My security group was using an old
>> domain group and RS warned me that it was invalid. I deleted the entry
>> which was Content Manager, thinking that I was in the
>> BuiltIn/Administrators group and therefore would still have access to
>> localhost/reports. Unfortunately, I realised that I was not in the
>> administrators group on my PC (A company policy), so I lost all access
>> to my reports deployment. However, when I got added to the local
>> administrators group, I found that I still did not have access to the
>> Reports website.
>> My question is: Is there a way to manually add a user as a Content
>> Manager without using the http://localhost/Reports website? I seem to
>> recall a possible way using rsconfig, but have not been able to find a
>> relevant posting. I really do not want to uninstall and reinstall RS.
>> Thanks!
>
Subscribe to:
Posts (Atom)