I'm trying to login to a SQL Server instance from the server it runs on while remoted in as myself.
我正在尝试从它运行的服务器登录到SQL Server实例,同时作为我自己进行远程登录。
I keep getting the standard login failed error and in the error log I'm seeing "Error: 18456, Severity: 14, State: 11."
我一直得到标准登录失败错误,并在错误日志中我看到“错误:18456,严重性:14,状态:11。”
The login is using windows authentication - here's the weird bit. I can login fine from my own machine using the same authentication, just not when I'm on the machine the database is installed on.
登录使用的是Windows身份验证 - 这是奇怪的一点。我可以使用相同的身份验证从我自己的机器上正常登录,只是当我在机器上安装数据库时。
Any ideas?
Thanks, Dave
1 个解决方案
#1
10
UAC如何运作?
When an administrator logs on, this version of Windows creates two separate access tokens for the user: a standard user access token and an administrator access token. The standard user access token contains the same user-specific information as the administrator access token, but the administrative Windows privileges and SIDs have been removed. The standard user access token is used to start applications...
当管理员登录时,此版本的Windows为用户创建两个单独的访问令牌:标准用户访问令牌和管理员访问令牌。标准用户访问令牌包含与管理员访问令牌相同的用户特定信息,但已删除管理Windows权限和SID。标准用户访问令牌用于启动应用程序......
When you're logged in locally your administrator token is stripped. Since you granted access to your instance to BUILTIN\Administrators, you are locked out of the instance. When authenticating remotely the administrator token is preserved and you gain access. You would gain access if you'd choose to RunAs\Administrator when starting your application (SSMS?).
当您在本地登录时,您的管理员令牌将被删除。由于您已将实例授予对BUILTIN \ Administrators的访问权限,因此您将被锁定在实例之外。远程验证时,将保留管理员令牌并获得访问权限。如果您在启动应用程序(SSMS?)时选择RunAs \ Administrator,您将获得访问权限。
The solution is to grant yourself access explicitly:
解决方案是明确授予您自己的访问权限:
create login [domain\you] from windows;
exec sp_addsrvrolemember 'domain\you','sysadmin';
#1
10
UAC如何运作?
When an administrator logs on, this version of Windows creates two separate access tokens for the user: a standard user access token and an administrator access token. The standard user access token contains the same user-specific information as the administrator access token, but the administrative Windows privileges and SIDs have been removed. The standard user access token is used to start applications...
当管理员登录时,此版本的Windows为用户创建两个单独的访问令牌:标准用户访问令牌和管理员访问令牌。标准用户访问令牌包含与管理员访问令牌相同的用户特定信息,但已删除管理Windows权限和SID。标准用户访问令牌用于启动应用程序......
When you're logged in locally your administrator token is stripped. Since you granted access to your instance to BUILTIN\Administrators, you are locked out of the instance. When authenticating remotely the administrator token is preserved and you gain access. You would gain access if you'd choose to RunAs\Administrator when starting your application (SSMS?).
当您在本地登录时,您的管理员令牌将被删除。由于您已将实例授予对BUILTIN \ Administrators的访问权限,因此您将被锁定在实例之外。远程验证时,将保留管理员令牌并获得访问权限。如果您在启动应用程序(SSMS?)时选择RunAs \ Administrator,您将获得访问权限。
The solution is to grant yourself access explicitly:
解决方案是明确授予您自己的访问权限:
create login [domain\you] from windows;
exec sp_addsrvrolemember 'domain\you','sysadmin';