Post reply

SQL logins changed domains

  • March 15, 2005 at 12:30 am

    #87007

    User accounts have been migrated to a new domain. Is there a way to change their SQL logins to reference the new Domain in Microsoft SQL server without doing it manually?  For example:

     

    User Kim has her login as OldDomain\Kim and she has a new login as NewDomain\Kim to the same SQL server. Her database user is referenced just as Kim. One cannot grant her NewDomain\Kim access to databases as the database user already exists. If you drop the OldDomain\Kim you loose her permissions in SQL.

    Kindest Regards,

    Mich

  • March 15, 2005 at 6:33 am

    #547030

    you could add the old domain's user-SID to the new domain-user's sid-history.

    As you can imagine, this is a windows-ad-operation, and not a sqlserver operation.

    Johan

    Learn to play, play to learn !

    Dont drive faster than your guardian angel can fly ...
    but keeping both feet on the ground wont get you anywhere :w00t:

    - How to post Performance Problems
    - How to post data/code to get the best help[/url]

    - How to prevent a sore throat after hours of presenting ppt

    press F1 for solution, press shift+F1 for urgent solution 😀

    Need a bit of Powershell? How about this

    Who am I ? Sometimes this is me but most of the time this is me

  • March 15, 2005 at 7:36 am

    #547049

    Old domain going to be removed.

    Kindest Regards,

    Mich

  • March 15, 2005 at 8:18 am

    #547066

    You can use Mapsids.exe for the conversion

    HTH


    * Noel

  • March 16, 2005 at 12:02 am

    #547198

    That should be no problem because the new domain will use the old sid from the users sid-history.

    The only "issue" you'll have is that the windows-users will have the wrong domainname registered in the name column in the system-table syslogins.

    Anyway, the tool noeld pointed to, may help streight forward conversion with cleanup of the old-domain references.

    Johan

    Learn to play, play to learn !

    Dont drive faster than your guardian angel can fly ...
    but keeping both feet on the ground wont get you anywhere :w00t:

    - How to post Performance Problems
    - How to post data/code to get the best help[/url]

    - How to prevent a sore throat after hours of presenting ppt

    press F1 for solution, press shift+F1 for urgent solution 😀

    Need a bit of Powershell? How about this

    Who am I ? Sometimes this is me but most of the time this is me

  • March 16, 2005 at 3:44 am

    #547221

    Hi,

    you could try to replace the old domain name in the name-column of sysxlogins with the new domain.

    (of course on a test server...)

    Seems that is the only reference to the windows domain for logins in sql server...

    regards karl

    Best regards
    karl

  • March 16, 2005 at 3:24 pm

    #547408

    You could just script out the existing logins and users and do a 'replace all' in Query Analyzer to replace OLDDOMAIN with NEWDOMAIN. Drop the existing logins and users and then run your 'replaced' script.

Viewing 7 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic. Login to reply