September 27, 2010 at 7:40 am
Hello All.
In preparation for a growing user base, I am presently trying to standardize / simplify my SQL permissions scheme using Windows Groups. I have not done this before and, naturally, am running into some issues.
I am using Windows Server 2003 + SQL Server 2008 R2 and performed the following actions:
- Created new Windows Groups (SQL_DBA, SQL_PowerUser, etc);
- Associated the user domain accounts accordingly ("Johnny" is part of SQL_DBA); and
- Added the Windows Groups to SQL Server Security (SQL_DBA with role as sysadmin).
I expected each member of the group to automatically be able to log in and have the appropriate permissions. However, when "Johnny" tries to log in, he get the generic "Login Failed" message which indicates that he does not have access. If I add "Johnny" directly to SQL Server, he will have access but does not inherit his group's permissions.
Am I missing a step somewhere?
I would greatly appreciate any assistance you could provide!!!
Thanks,
-Michael
September 27, 2010 at 8:23 am
What's the login error message from the SQL Server Log?
September 27, 2010 at 8:38 am
Here is the error:
Error: 18456, Severity 14, State 11
Login failed for user ... Reason: Token-based server access validation failed with an Infrastructure error.
September 27, 2010 at 8:55 am
There were posts about this error on this website:
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply