Yes, I opened the ports 1433 and 1434 in Windows Firewall and SQL server is
set to windows or sql authentication. I believe I opened them with the
correct TCP/UDP combination. I also told windows firewall about
sqlserver.exe, however I suspect that is more for outbound connections.
I understand the security reasons why the normal error message has to be
vague about sql server does not exist or access denied. Is it possible to
configure SQL server into a diagnostic mode where it will tell the client
that the sql server does exist but it was just that access was denied? This
would help me narrow down the problem.
If not, how can I tell if it is networking/firewall type problem or an SQL
server security problem?
Chris PankhurstSometimes you can tell from the full text of the error
messages. You could turn on failed login auditing to see if
the login is hitting the server and failing. You can also
monitor for login failures in Profiler. You won't get a lot
of information on the login failure but enough to see if the
client is hitting the server.
-Sue
On Fri, 23 Sep 2005 12:01:20 +1200, "Christopher Pankhurst"
<christopher_pankhurst@.hotmail.com> wrote:
>Yes, I opened the ports 1433 and 1434 in Windows Firewall and SQL server is
>set to windows or sql authentication. I believe I opened them with the
>correct TCP/UDP combination. I also told windows firewall about
>sqlserver.exe, however I suspect that is more for outbound connections.
>I understand the security reasons why the normal error message has to be
>vague about sql server does not exist or access denied. Is it possible to
>configure SQL server into a diagnostic mode where it will tell the client
>that the sql server does exist but it was just that access was denied? This
>would help me narrow down the problem.
>If not, how can I tell if it is networking/firewall type problem or an SQL
>server security problem?
>Chris Pankhurst
>|||Thanks, I'm not sure how to turn on login auditing, but using profiler is a
good idea. I wonder why I didn't think of it.
Chris Pankhurst
"Sue Hoegemeier" <Sue_H@.nomail.please> wrote in message
news:u257j19kdbt8s946sb7mu633v2nm1tb8el@.
4ax.com...
> Sometimes you can tell from the full text of the error
> messages. You could turn on failed login auditing to see if
> the login is hitting the server and failing. You can also
> monitor for login failures in Profiler. You won't get a lot
> of information on the login failure but enough to see if the
> client is hitting the server.
> -Sue
> On Fri, 23 Sep 2005 12:01:20 +1200, "Christopher Pankhurst"
> <christopher_pankhurst@.hotmail.com> wrote:
>
is[vbcol=seagreen]
This[vbcol=seagreen]
SQL[vbcol=seagreen]
>|||For login audits, in Enterprise Manager, right click on the
server and select properties. Go to the Security tab and you
can set the audit level for logins (success, failure or
all). You need to restart the service for the settings to
take effect.
-Sue
On Mon, 26 Sep 2005 08:32:32 +1200, "Christopher Pankhurst"
<christopher_pankhurst@.hotmail.com> wrote:
>Thanks, I'm not sure how to turn on login auditing, but using profiler is a
>good idea. I wonder why I didn't think of it.
>Chris Pankhurst
>"Sue Hoegemeier" <Sue_H@.nomail.please> wrote in message
> news:u257j19kdbt8s946sb7mu633v2nm1tb8el@.
4ax.com...
>is
>This
>SQL
>
No comments:
Post a Comment