堆栈内存溢出
  简体   繁体   English

如何授予对NETWORK SERVICE帐户的SQL访问权限?

[英]How to give SQL access to NETWORK SERVICE account?

 原文  2017-07-11 16:16:06       c#/ sql-server/ windows-services/ network-service

问题描述

I am trying to create a schema and a table that is accessible by a Windows Service that I wrote, but my service is unable to gain access to it... 我正在尝试创建一个可由我编写的Windows服务访问的模式和表,但我的服务无法访问它... 

USE [tempdb]
GO

CREATE SCHEMA [blah]
GO

SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE TABLE [blah].[domains](
    [id] [int] NOT NULL,
    [name] [varchar](256) NOT NULL,
 CONSTRAINT [PK_domains] PRIMARY KEY CLUSTERED 
(
    [id] ASC
)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY]
GO

A very simple table.. When I try to SELECT it via my Windows Service, I'm getting: 一个非常简单的表..当我尝试通过我的Windows服务SELECT它时,我得到:

System.Data.SqlClient.SqlException (0x80131904): The SELECT permission was denied on the object 'domains', database 'tempdb', schema 'blah'. System.Data.SqlClient.SqlException(0x80131904):对象'domains',数据库'tempdb',schema'blah'上的SELECT权限被拒绝。

I've tried switching my Service account from LocalService to NetworkService but it gives the same thing. 我已经尝试将我的服务帐户从LocalService切换到NetworkService但它提供了相同的功能。

The connection string I am using for my service: 我用于服务的连接字符串: 

connectionString="Data Source=.\SQLEXPRESS;Database=tempdb;Integrated Security=True;MultipleActiveResultSets=True"

I've also tried to create a new Logins for NT AUTHORITY\\NETWORK SERVICE , then a user NETWORK SERVICE mapped to that Login and then grant permission on blah as well as domains table, but still not working. 我还试图为NT AUTHORITY\\NETWORK SERVICE创建一个新的登录,然后一个用户NETWORK SERVICE映射到该登录,然后授予blahdomains表的权限,但仍然无法正常工作。

PS: The same code was able to access the table when I ran it as a normal executable, but not when is running as a Service . PS:当我将其作为普通可执行文件运行时,相同的代码能够访问该表,但是当作为Service运行时则不能。

1 个解决方案

解决方案1
 0  2017-07-11 17:14:40

We discussed a few approaches in the comments, but I think your best bet is to: 我们在评论中讨论了一些方法,但我认为最好的办法是:

  • Create a Windows account (or use an existing one) 创建Windows帐户(或使用现有帐户)
  • Configure your service to run as that Windows account 将您的服务配置为以该Windows帐户运行
  • Add the Windows account as a SQL login 将Windows帐户添加为SQL登录名
  • Grant the desired permissions to that SQL login 为该SQL登录授予所需的权限

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在网络服务帐户下访问 Windows 共享 - Access Windows Share under Network Service account 服务应在哪个Windows帐户下运行才能访问网络sql服务器 - what Windows account should a service run under to access network sql servers Windows服务无法访问网络服务帐户以访问msmq - windows service has access denied to the Network Service account to msmq 以其他用户(服务帐户)身份运行程序(exe),访问网络共享 - Run program (exe) as different user (service account), access to network share 客户端登录时如何在服务器上的网络服务帐户中触发服务? - How to trigger a Service in a Network Service Account on a server when a client logs in? 如何让我的机器人访问我的电报帐户? - How to give my bot access to my telegram account? 如何使用服务帐户 ID 访问我的帐户电子邮件? - How can I access my account emails with service account id? 如何获得内置Windows“网络服务”帐户的本地化版本? - How to get localized version of built-in windows 'Network Service' account? C#如何禁用本地用户帐户的交互式登录。 与网络服务帐户类似 - C# How do I disable interactive login for a local user account. Similar to Network Service account c#授予用户使用广告服务帐户访问网络文件夹的权限 - c# Grant user access to network folder using ad service account
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM