July 12, 2012 at 9:34 am
I click on Security, Logins, New Login, Windows, Search. Find the username in the directory listing. Click on it. It is in FirstName.LastName@domain.com format.
Click OK. The Login name field displays the old, short-form username that I renamed to long username yesterday.
I added the columns Logon Name, Logon Name (pre-windows 2000) and DN to the search results pane. All show the new name.
I have checked ALL our domain controllers. There is no mention that we can find anywhere of the shortform name.
So what call does SQL Server make / where does that value come from?
This is making me crazy!
July 12, 2012 at 10:55 am
schleep (7/12/2012)
I click on Security, Logins, New Login, Windows, Search. Find the username in the directory listing. Click on it. It is in FirstName.LastName@domain.com format.Click OK. The Login name field displays the old, short-form username that I renamed to long username yesterday.
I added the columns Logon Name, Logon Name (pre-windows 2000) and DN to the search results pane. All show the new name.
I have checked ALL our domain controllers. There is no mention that we can find anywhere of the shortform name.
So what call does SQL Server make / where does that value come from?
This is making me crazy!
If its windows authentication, the name comes from AD. Is that what you are asking or did I misunderstood your question completely. Please advise.
Thanks,
TA.
Regards,
SQLisAwe5oMe.
July 12, 2012 at 11:08 am
Yesterday, I renamed 3 AD accounts. Every field that showed the old name now shows the new name.
But SQL Server won't permit them to login,
EXECUTE AS Login = NewName
Msg 15404, Level 16, State 11, Line 1
Could not obtain information about Windows NT group/user 'domainewname', error code 0xffff0002.
Worse, EXECUTE AS Login = OldName does work.
So I performed the New Login experiment in the original post, with the surprising result that SQL Server somehow converts the newname to the oldname.
What I'm trying to find is, where in AD does that old name still exist?
July 12, 2012 at 12:00 pm
Note that everything works fine on all our other SQL Servers. Just not the one to which they really need to connect...
July 13, 2012 at 6:50 am
Full reboot to the rescue! Bouncing SQL services was not enough.
Beginning to suspect this was caused by the cacheing of access tokens at the AD level, since the re-boot also solved connectivity issues on an another, unrelated server.
Thoughts?
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply