Post reply

principal "guest" does not exist

  • April 25, 2018 at 5:13 am

    #403295

    A new client of ours is trying to one of our databases, using a web interface.
    The user I created for him, has db_owner permissions on this database, but he gets the following error when trying to connect:
    Cannot execute as the database principal because the principal "guest" does not exist, this type of principal cannot be impersonated, or you do not have permission.
    It specifically mentions "guest", not dbo or any other user.
    Guest is disabled under this database and as per best practice should remain disabled.

    What I have tried:
    Changed the owner of the database to sa
    Set Trustworthy On

    Any suggestions?
    We have other clients and other sites that can connect to their respective databases on this server, with no issues.

  • April 25, 2018 at 12:03 pm

    #1988235

    Casper101 - Wednesday, April 25, 2018 5:13 AM

    A new client of ours is trying to one of our databases, using a web interface.
    The user I created for him, has db_owner permissions on this database, but he gets the following error when trying to connect:
    Cannot execute as the database principal because the principal "guest" does not exist, this type of principal cannot be impersonated, or you do not have permission.
    It specifically mentions "guest", not dbo or any other user.
    Guest is disabled under this database and as per best practice should remain disabled.

    What I have tried:
    Changed the owner of the database to sa
    Set Trustworthy On

    Any suggestions?
    We have other clients and other sites that can connect to their respective databases on this server, with no issues.

    Did you create the user as a user without login? You can execute this in the database to check:

    -- Users without login
    SELECT
        [name] as UsersWithoutLogin
    FROM sys.database_principals
    WHERE DATALENGTH(sid) = 28
    AND type = 'S'
    AND principal_id > 4

    Sue

  • April 26, 2018 at 12:31 am

    #1988299

    Sue_H - Wednesday, April 25, 2018 12:03 PM

    Casper101 - Wednesday, April 25, 2018 5:13 AM

    A new client of ours is trying to one of our databases, using a web interface.
    The user I created for him, has db_owner permissions on this database, but he gets the following error when trying to connect:
    Cannot execute as the database principal because the principal "guest" does not exist, this type of principal cannot be impersonated, or you do not have permission.
    It specifically mentions "guest", not dbo or any other user.
    Guest is disabled under this database and as per best practice should remain disabled.

    What I have tried:
    Changed the owner of the database to sa
    Set Trustworthy On

    Any suggestions?
    We have other clients and other sites that can connect to their respective databases on this server, with no issues.

    Did you create the user as a user without login? You can execute this in the database to check:

    -- Users without login
    SELECT
        [name] as UsersWithoutLogin
    FROM sys.database_principals
    WHERE DATALENGTH(sid) = 28
    AND type = 'S'
    AND principal_id > 4

    Sue

    Nope, this is an existing login I used to create the associated database user. I tested the login - it works 100% in SSMS, but not via this vendor app

  • April 26, 2018 at 11:09 am

    #1988390

    Casper101 - Thursday, April 26, 2018 12:31 AM

    Sue_H - Wednesday, April 25, 2018 12:03 PM

    Casper101 - Wednesday, April 25, 2018 5:13 AM

    A new client of ours is trying to one of our databases, using a web interface.
    The user I created for him, has db_owner permissions on this database, but he gets the following error when trying to connect:
    Cannot execute as the database principal because the principal "guest" does not exist, this type of principal cannot be impersonated, or you do not have permission.
    It specifically mentions "guest", not dbo or any other user.
    Guest is disabled under this database and as per best practice should remain disabled.

    What I have tried:
    Changed the owner of the database to sa
    Set Trustworthy On

    Any suggestions?
    We have other clients and other sites that can connect to their respective databases on this server, with no issues.

    Did you create the user as a user without login? You can execute this in the database to check:

    -- Users without login
    SELECT
        [name] as UsersWithoutLogin
    FROM sys.database_principals
    WHERE DATALENGTH(sid) = 28
    AND type = 'S'
    AND principal_id > 4

    Sue

    Nope, this is an existing login I used to create the associated database user. I tested the login - it works 100% in SSMS, but not via this vendor app

    So if you are convinced it's the vendor application and the login exists, isn't orphaned and is mapped correctly then try creating an extended events session, use the connection tracking template, include sql_text field for the events and you should be able to capture more of what is going on. 

    Sue

  • April 27, 2018 at 6:18 am

    #1988433

    Is there a logon trigger on the server?

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply