September 27, 2007 at 2:57 pm
Hello,
We are testing a SQL Server 2000 server that already belonged to an NT domain. We just joined it to an AD domain as the first step in migrating the server from NT to AD.
However, when I tried to add a login that has the same name but a different domain - for example, adding 'AD\Group1' when 'NT\Group1' already exists - I get this error:
Error 21008: [SQL-DMO] Login 'AD\Group1' already exists
I see both logins in the Logins listing, but when I check a database, I see this listing for the user:
Name Login Name
Group1 NT\Group1
(Sorry about the extra space in the code - I could not find a way to get this feature to single-space code.)
I assume that this user was already in the database as a result of the original NT\Group1 login being created. But does that mean that you can't have two logins with the same name as users in the same database?
If that is the case, what is a better way to test this migration? Do I need to manually replace each NT\user login and permissions with its corresponding AD\user login and permissions?
Thanks for any help!
webrunner
-------------------
A SQL query walks into a bar and sees two tables. He walks up to them and asks, "Can I join you?"
Ref.: http://tkyte.blogspot.com/2009/02/sql-joke.html
October 7, 2007 at 9:07 pm
I believe because of the SID mapping in 2000 that you can only have one login in each db mapped to a user. So you'd need to make the changes manually.
I haven't run into this, but that's what I'd expect.
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply