How to access a SQL Server database using another user with permissions in the same intranet
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty{ margin-bottom:0;
}
up vote
3
down vote
favorite
While I'm waiting for my user to get access permissions, I'm stuck using a colleague's, and whenever I try to run basic SQL queries I have to switch from my Windows user to hers.
Hopefully this is clear enough: I want to access a SQL Server for which another user on the the same intranet has permissions while I only have her credentials, and that the server utilizes Integrated Security.
sql-server connectivity
add a comment |
up vote
3
down vote
favorite
While I'm waiting for my user to get access permissions, I'm stuck using a colleague's, and whenever I try to run basic SQL queries I have to switch from my Windows user to hers.
Hopefully this is clear enough: I want to access a SQL Server for which another user on the the same intranet has permissions while I only have her credentials, and that the server utilizes Integrated Security.
sql-server connectivity
2
Just an opinion: If you have her credentials, then you have some serious security issues at the company you are working for other than unable to start SSMS with a different account or having to wait for the permission to access a database.
– hot2use
Nov 14 at 12:02
2
If the SQL authentication is turned off and you need integrated windows authentication then indeed you can only switch the client windows user or use „Run As“ (and you and she are most likely violating company policy by sharing an account)
– eckes
Nov 14 at 12:09
1
@hot2use there are too many other issues to rant about, as expected from a company maintaining legacy systems.
– Outman
Nov 14 at 12:36
add a comment |
up vote
3
down vote
favorite
up vote
3
down vote
favorite
While I'm waiting for my user to get access permissions, I'm stuck using a colleague's, and whenever I try to run basic SQL queries I have to switch from my Windows user to hers.
Hopefully this is clear enough: I want to access a SQL Server for which another user on the the same intranet has permissions while I only have her credentials, and that the server utilizes Integrated Security.
sql-server connectivity
While I'm waiting for my user to get access permissions, I'm stuck using a colleague's, and whenever I try to run basic SQL queries I have to switch from my Windows user to hers.
Hopefully this is clear enough: I want to access a SQL Server for which another user on the the same intranet has permissions while I only have her credentials, and that the server utilizes Integrated Security.
sql-server connectivity
sql-server connectivity
edited Nov 14 at 11:17
asked Nov 14 at 8:43
Outman
637
637
2
Just an opinion: If you have her credentials, then you have some serious security issues at the company you are working for other than unable to start SSMS with a different account or having to wait for the permission to access a database.
– hot2use
Nov 14 at 12:02
2
If the SQL authentication is turned off and you need integrated windows authentication then indeed you can only switch the client windows user or use „Run As“ (and you and she are most likely violating company policy by sharing an account)
– eckes
Nov 14 at 12:09
1
@hot2use there are too many other issues to rant about, as expected from a company maintaining legacy systems.
– Outman
Nov 14 at 12:36
add a comment |
2
Just an opinion: If you have her credentials, then you have some serious security issues at the company you are working for other than unable to start SSMS with a different account or having to wait for the permission to access a database.
– hot2use
Nov 14 at 12:02
2
If the SQL authentication is turned off and you need integrated windows authentication then indeed you can only switch the client windows user or use „Run As“ (and you and she are most likely violating company policy by sharing an account)
– eckes
Nov 14 at 12:09
1
@hot2use there are too many other issues to rant about, as expected from a company maintaining legacy systems.
– Outman
Nov 14 at 12:36
2
2
Just an opinion: If you have her credentials, then you have some serious security issues at the company you are working for other than unable to start SSMS with a different account or having to wait for the permission to access a database.
– hot2use
Nov 14 at 12:02
Just an opinion: If you have her credentials, then you have some serious security issues at the company you are working for other than unable to start SSMS with a different account or having to wait for the permission to access a database.
– hot2use
Nov 14 at 12:02
2
2
If the SQL authentication is turned off and you need integrated windows authentication then indeed you can only switch the client windows user or use „Run As“ (and you and she are most likely violating company policy by sharing an account)
– eckes
Nov 14 at 12:09
If the SQL authentication is turned off and you need integrated windows authentication then indeed you can only switch the client windows user or use „Run As“ (and you and she are most likely violating company policy by sharing an account)
– eckes
Nov 14 at 12:09
1
1
@hot2use there are too many other issues to rant about, as expected from a company maintaining legacy systems.
– Outman
Nov 14 at 12:36
@hot2use there are too many other issues to rant about, as expected from a company maintaining legacy systems.
– Outman
Nov 14 at 12:36
add a comment |
2 Answers
2
active
oldest
votes
up vote
6
down vote
accepted
You can open SSMS as her Windows user account by doing either of the following:
Right click the SSMS shortcut while holding the SHIFT key. Click on Open as another user and enter the other users credentials.
Create a shortcut in the following format:
C:WindowsSystem32runas.exe /savecred /user:DOMAINUSERNAME
"C:Program Files (x86)Microsoft SQL
Server140ToolsBinnManagementStudioSsms.exe"
You'll need to replace the path to SSMS.exe with your version.
Once you open the shortcut and enter the password for the account, you can then simply double click the shortcut in the future as it will store your credentials for later use.
Thanks a whole lot! I wasn't aware of therunas
command, this is going to be much more helpful in the future than just fixing this problem.
– Outman
Nov 14 at 11:19
add a comment |
up vote
1
down vote
There are valid times to runas
an application as a domain account other than your own. Based on the OP wording though, this is not one of them. It may be outside the scope of this site, but before using the accepted answer as a workaround to perform your work responsibilities, you need to get approval in writing from your manager, your coworker, her manager - and have at least notified whoever has authority over security policy for your company. Don’t bother defining what the actions you should be taking are, now that you’re impersonating another user - you are approved to perform every action she is approved to perform.
1
I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.
– Outman
Nov 14 at 12:56
1
@Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.
– Peter Vandivier
Nov 14 at 13:00
add a comment |
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
6
down vote
accepted
You can open SSMS as her Windows user account by doing either of the following:
Right click the SSMS shortcut while holding the SHIFT key. Click on Open as another user and enter the other users credentials.
Create a shortcut in the following format:
C:WindowsSystem32runas.exe /savecred /user:DOMAINUSERNAME
"C:Program Files (x86)Microsoft SQL
Server140ToolsBinnManagementStudioSsms.exe"
You'll need to replace the path to SSMS.exe with your version.
Once you open the shortcut and enter the password for the account, you can then simply double click the shortcut in the future as it will store your credentials for later use.
Thanks a whole lot! I wasn't aware of therunas
command, this is going to be much more helpful in the future than just fixing this problem.
– Outman
Nov 14 at 11:19
add a comment |
up vote
6
down vote
accepted
You can open SSMS as her Windows user account by doing either of the following:
Right click the SSMS shortcut while holding the SHIFT key. Click on Open as another user and enter the other users credentials.
Create a shortcut in the following format:
C:WindowsSystem32runas.exe /savecred /user:DOMAINUSERNAME
"C:Program Files (x86)Microsoft SQL
Server140ToolsBinnManagementStudioSsms.exe"
You'll need to replace the path to SSMS.exe with your version.
Once you open the shortcut and enter the password for the account, you can then simply double click the shortcut in the future as it will store your credentials for later use.
Thanks a whole lot! I wasn't aware of therunas
command, this is going to be much more helpful in the future than just fixing this problem.
– Outman
Nov 14 at 11:19
add a comment |
up vote
6
down vote
accepted
up vote
6
down vote
accepted
You can open SSMS as her Windows user account by doing either of the following:
Right click the SSMS shortcut while holding the SHIFT key. Click on Open as another user and enter the other users credentials.
Create a shortcut in the following format:
C:WindowsSystem32runas.exe /savecred /user:DOMAINUSERNAME
"C:Program Files (x86)Microsoft SQL
Server140ToolsBinnManagementStudioSsms.exe"
You'll need to replace the path to SSMS.exe with your version.
Once you open the shortcut and enter the password for the account, you can then simply double click the shortcut in the future as it will store your credentials for later use.
You can open SSMS as her Windows user account by doing either of the following:
Right click the SSMS shortcut while holding the SHIFT key. Click on Open as another user and enter the other users credentials.
Create a shortcut in the following format:
C:WindowsSystem32runas.exe /savecred /user:DOMAINUSERNAME
"C:Program Files (x86)Microsoft SQL
Server140ToolsBinnManagementStudioSsms.exe"
You'll need to replace the path to SSMS.exe with your version.
Once you open the shortcut and enter the password for the account, you can then simply double click the shortcut in the future as it will store your credentials for later use.
edited Nov 14 at 11:40
answered Nov 14 at 8:48
George.Palacios
1,580620
1,580620
Thanks a whole lot! I wasn't aware of therunas
command, this is going to be much more helpful in the future than just fixing this problem.
– Outman
Nov 14 at 11:19
add a comment |
Thanks a whole lot! I wasn't aware of therunas
command, this is going to be much more helpful in the future than just fixing this problem.
– Outman
Nov 14 at 11:19
Thanks a whole lot! I wasn't aware of the
runas
command, this is going to be much more helpful in the future than just fixing this problem.– Outman
Nov 14 at 11:19
Thanks a whole lot! I wasn't aware of the
runas
command, this is going to be much more helpful in the future than just fixing this problem.– Outman
Nov 14 at 11:19
add a comment |
up vote
1
down vote
There are valid times to runas
an application as a domain account other than your own. Based on the OP wording though, this is not one of them. It may be outside the scope of this site, but before using the accepted answer as a workaround to perform your work responsibilities, you need to get approval in writing from your manager, your coworker, her manager - and have at least notified whoever has authority over security policy for your company. Don’t bother defining what the actions you should be taking are, now that you’re impersonating another user - you are approved to perform every action she is approved to perform.
1
I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.
– Outman
Nov 14 at 12:56
1
@Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.
– Peter Vandivier
Nov 14 at 13:00
add a comment |
up vote
1
down vote
There are valid times to runas
an application as a domain account other than your own. Based on the OP wording though, this is not one of them. It may be outside the scope of this site, but before using the accepted answer as a workaround to perform your work responsibilities, you need to get approval in writing from your manager, your coworker, her manager - and have at least notified whoever has authority over security policy for your company. Don’t bother defining what the actions you should be taking are, now that you’re impersonating another user - you are approved to perform every action she is approved to perform.
1
I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.
– Outman
Nov 14 at 12:56
1
@Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.
– Peter Vandivier
Nov 14 at 13:00
add a comment |
up vote
1
down vote
up vote
1
down vote
There are valid times to runas
an application as a domain account other than your own. Based on the OP wording though, this is not one of them. It may be outside the scope of this site, but before using the accepted answer as a workaround to perform your work responsibilities, you need to get approval in writing from your manager, your coworker, her manager - and have at least notified whoever has authority over security policy for your company. Don’t bother defining what the actions you should be taking are, now that you’re impersonating another user - you are approved to perform every action she is approved to perform.
There are valid times to runas
an application as a domain account other than your own. Based on the OP wording though, this is not one of them. It may be outside the scope of this site, but before using the accepted answer as a workaround to perform your work responsibilities, you need to get approval in writing from your manager, your coworker, her manager - and have at least notified whoever has authority over security policy for your company. Don’t bother defining what the actions you should be taking are, now that you’re impersonating another user - you are approved to perform every action she is approved to perform.
answered Nov 14 at 12:44
Peter Vandivier
9391522
9391522
1
I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.
– Outman
Nov 14 at 12:56
1
@Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.
– Peter Vandivier
Nov 14 at 13:00
add a comment |
1
I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.
– Outman
Nov 14 at 12:56
1
@Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.
– Peter Vandivier
Nov 14 at 13:00
1
1
I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.
– Outman
Nov 14 at 12:56
I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.
– Outman
Nov 14 at 12:56
1
1
@Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.
– Peter Vandivier
Nov 14 at 13:00
@Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.
– Peter Vandivier
Nov 14 at 13:00
add a comment |
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f222501%2fhow-to-access-a-sql-server-database-using-another-user-with-permissions-in-the-s%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
2
Just an opinion: If you have her credentials, then you have some serious security issues at the company you are working for other than unable to start SSMS with a different account or having to wait for the permission to access a database.
– hot2use
Nov 14 at 12:02
2
If the SQL authentication is turned off and you need integrated windows authentication then indeed you can only switch the client windows user or use „Run As“ (and you and she are most likely violating company policy by sharing an account)
– eckes
Nov 14 at 12:09
1
@hot2use there are too many other issues to rant about, as expected from a company maintaining legacy systems.
– Outman
Nov 14 at 12:36