August 19, 2015 at 12:13 pm
Is there some way I can connect to a SQL Server using an Active Directory user object?
Something along the lines of this pseudocode:
$User = get-aduser "domain\Some_user_that_isn't_me"
$Connection = new-object sqlserver.connection $User
$Connection.ConnectionString = "server=myserver; integratedsecuriry=$True"
$Connection.Connect()
Thanks!
August 23, 2015 at 1:10 am
If you pass the username and domain in the usual format DOMAIN\User (and have the password of that user), then yes you could. It requires you to run PowerShell.exe under the context of that user to connect to SQL Server with Windows Authentication.
Use of integrated security in your connection string means the context (or account) in which you run PowerShell.exe under would be the user that is connected to the instance. If you wanted to switch to another login, say temporary admin account, you can use:
Start-Process powershell.exe -Credential "MyDomain\Login" -NoNewWindow
The above snippet will prompt for a password, you could also use "Get-Credential" to grab that information before it starts and pass it as a variable.
A more cleaner method would be to connect to SQL Server and change the context in your query or command to use something like "EXECUTE AS LOGIN = 'MyDomain\Login'"
Shawn Melton
Twitter: @wsmelton
Blog: wsmelton.github.com
Github: wsmelton
August 24, 2015 at 5:34 am
Hi Shawn,
Thanks for the response.
1) Yep, as long as I know the password, life is fairly simple. But I don't. Which brings me to...
2) Execute As or SetUser would be nice, but I'm sitting in an untrusted domain, and trying to diagnose permission problems for an AD account in the trusted domain.
Hence my question -- which I admit might have been lacking the missing password detail.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply