Microsoft KB Archive/236805

= BUG: SQL 6.5 Security Manager Incorrectly Maps Users from Non-Default Domain =

Article ID: 236805

Article Last Modified on 10/17/2003

-

APPLIES TO


 * Microsoft SQL Server 6.5 Standard Edition

-



This article was previously published under Q236805



BUG #: 15975(SQLBUG_65)



SYMPTOMS
When you attempt to grant a local Windows NT group access to a Microsoft SQL Server using the Microsoft SQL Server Security Manager, Windows NT user accounts that are not from the default Microsoft SQL Server domain will be incorrectly mapped to the Microsoft SQL Server default login ID (guest). This will only occur if the local group contains groups or users from multiple Windows NT domains.

Windows NT user accounts may also show correct mappings in Microsoft SQL Security Manager GUI but the user accounts do not get mapped correctly at the Microsoft SQL Server login level. The incorrect mappings can be verified by querying the syslogins system table; "select * from syslogins".



WORKAROUND
The mappings get created correctly only if the local Windows NT group contains users from just one Windows NT domain group. If a Windows NT local group contains users from two or more Window NT domain groups the mappings are created correctly for only the default Windows NT domain groups.

The workaround is that since mapping works correctly when the local Windows NT group contains just one domain Windows NT group, you must create as many local Windows NT groups as Windows NT domain groups.



STATUS
Microsoft has confirmed this to be a problem in SQL Server 6.5.

Keywords: kbbug kbpending KB236805

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.