Microsoft KB Archive/324321

From BetaArchive Wiki

Article ID: 324321

Article Last Modified on 11/9/2007


APPLIES TO

  • Microsoft SQL Server 2000 64-bit Edition
  • Microsoft SQL Server 2000 Standard Edition
  • Microsoft SQL Server 7.0 Standard Edition
  • Microsoft SQL Server 2005 Standard Edition
  • Microsoft SQL Server 2005 Express Edition
  • Microsoft SQL Server 2005 Developer Edition
  • Microsoft SQL Server 2005 Enterprise Edition
  • Microsoft SQL Server 2005 Workgroup Edition


This article was previously published under Q324321

IN THIS TASK

SUMMARY

SUMMARY

You may see the following error when you add a Microsoft Windows NT user or a Microsoft Windows NT group as a login to Microsoft SQL Server, or when you move logins from a server in one domain to a server in a different domain:

Error 15401: Windows NT user or group '%s' not found. Check the name again.

This step-by-step article discusses potential causes of the error and how to troubleshoot this problem.

back to the top

The login does not exist

  1. Verify that the Windows login still exists in the domain. Your network administrator may have removed the Windows login for specific reasons, and you may not be able to grant that login access to the SQL Server.
  2. Verify that you are spelling the domain and login name correctly and that you are using the following format:

    Domain\User

  3. If the login exists, and it is correct, and you still receive the error, continue with the following sections in this article.

back to the top

Duplicate security identifiers

In a Windows domain, unique Security Identifiers (SIDs) are automatically assigned to Windows logins in the domain. When you add a Windows login as a SQL Server login, the SID is stored in a system table in SQL Server. If you try to add a new login which has the same SID as an existing SQL Server login, the 15401 error occurs.
Note In SQL Server 2005, duplicate SIDs are not allowed.

  1. To determine if this is the cause of your error, run the following code against the Master database while you are logged on to SQL Server as a member of the sysadmin role:

    SELECT name FROM syslogins WHERE sid = SUSER_SID ('YourDomain\YourLogin')
  2. If a row is returned from this query, a duplicate SID is the cause of your problem.
  3. One potential cause of this scenario is loading a master database from a server in another domain. One of the logins in that domain may have had the same SID as the login that you are trying to add in this domain. This might also occur in an environment where you have clone or ghost systems.
  4. You must use sp_revokelogin to drop the login with the matching SID, or, to keep the existing logins, correctly map the logins from the old domain to logins in the new domain. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:

    314546 How to move databases between computers that are running SQL Server

back to the top

Authentication failure

You might receive error 15401 when the domain controller for the domain where the login resides (the same or a different domain) is not available for some reason.

  1. If the login is in a different domain than the SQL Server, verify that the correct trusts exist between the domains.
  2. Verify that the domain controller of the login is accessible by using the ping command from the computer that is running SQL Server. Check both the IP address and the name of the domain controller.
    For more information about ping command, click the following article number to view the article in the Microsoft Knowledge Base:

    102908 How to troubleshoot TCP/IP connectivity with Windows 2000 or Windows NT

back to the top

Case sensitivity

You may be experiencing case-sensitivity problems, which are described in the following Microsoft Knowledge Base article:

245768 Case-sensitive Unicode collating sequence and Windows NT logins



In this case, use the sp_configure or sp_helpsort stored procedure to determine if the sort order or collation of your instance of SQL Server is case sensitive. If the server is case-sensitive, follow the steps in the referenced article (Q245768) to successfully add the login.

back to the top

Local accounts

Local (non-domain) accounts require special handling. If you are trying to add a local account from the local computer that is running SQL Server, view the following Microsoft Knowledge Base article for the correct steps:

322988 sp_grantlogin "NT AUTHORITY\SYSTEM" fails on Microsoft Windows NT 4.0


  1. To add the Local System Account as a SQL Server login on Windows NT 4.0, view the procedure in the article Q322988 in the Microsoft Knowledge Base.
  2. When you add predefined local groups, you must use BUILTIN as the domain.
    For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    216808 Use BUILTIN\Group to grant access to predefined Windows NT groups

back to the top

Name resolution

If you have problems resolving the name of a computer that is involved in adding the login or group, you might receive error 15401.

Verify that your name resolution mechanism (such as, WINS, DNS, HOSTS or LMHOSTS) is configured correctly.

back to the top

Keywords: kbhowtomaster KB324321



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/324321&oldid=179101
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki