 Changing Windows auth user name hoses things up


Glockenspiel
Yak Posting Veteran

50 Posts

Posted - 2002-10-29 : 09:31:13
The Problem: Our network administrator created a Windows user and that Windows user was then added to a SQL Server as a Windows Authentication login (SQL Server version 2000 with SP2). The network administrator later changed the name of the Windows user and the SQL Server login account was dropped. When attempting to create a SQL Server login for the newly renamed account, we are getting the following error message:

Error 15401: Windows NT user or group '<DOMAIN_NAME>\<USER_NAME>' not found. Check the name again.


Our best guess is that SQL Server is somehow persisting the remnants of the previous login account; however, we are not seeing any additional rows in the master..sysxlogins table that indicate an orphaned account. As an experiment, we tried to add the newly-renamed account to a different SQL Server (also version 2000 with SP2) and had no problem doing so. It only seems to be a problem recreating a login with a new name that previously existed on the SQL Server with the previous name.

So, has anyone else run into this problem and (more importantly) are there any ideas on how we might remedy this?



Edited by - glockenspiel on 10/29/2002 09:32:27

AjarnMark
SQL Slashing Gunting Master

3246 Posts

Posted - 2002-10-30 : 14:03:47
You talk about the NT user being renamed instead of deleted and a new one added. I would suggest doing that and see if it clears up your problem. I've seen funny things in Windows security settings where a user name disappears and instead you see something that looks like a GUID. This leads me to believe that the security info is not really based on login name, but rather some ID number.

While that situation did not involve SQL Server, there could be some related residual effect. Yeah, I know, this is way out on the edge of speculation, but hey, it's an idea.


ksw
Starting Member

24 Posts

Posted - 2002-10-31 : 18:32:54
I have the exact same issue. Our company decided to go from the login format of LastnameFirstInitial to FirstInitialMiddleInitialLastName so they simply renamed the logins. I think that deleting and recreating causes a big headache when it comes to permissions and personal folders on shared networks and that kind of stuff.

In my case, I have 2 servers, one is 7.0 sp2 and the other is 2000 sp2. On the 7.0 box, I deleted the user and then created a new login and gave it the new name of the NT login. Everything ran fine. Tried the same thing on 2000 and got the same error message you did. Talked to the network people and it was suggested that maybe the domain controllers hadn't sync'd up yet. Gave it some time and it didn't help. Had the network people force the resync, didn't help. Recreated the NT login using the OLD name and it works fine. The user has no problems connecting to the system using their new NT login. Somehow between NT security and SQL Server, it knows that the 2 logins are really the same. Maybe it does have something to do with the ID like AjarnMark said.

Along the same lines, on my 7.0 box, a different user was renamed so I added the new NT login. Everything was ok, but for some reason, I never deleted the old one. The user was a sysadmin so I must have thought I still needed the old one or something. For any database that login was a user of, there were now 2 users both with the same name but one was mapped to the old login and one to the new. That person no longer works here, so I deleted the logins, starting with the old one. When I went to delete the new login, it said that the login didn't exist. I hadn't done a refresh after deleting the first one, so EM still showed the second. But SQL Server had actually deleted BOTH logins when I deleted the first one. Somehow it considered them to be the same. Just thought that was odd, but the whole ID idea makes sense in this case too.

So, try recreating the NT login using the OLD name. I bet it will work.

--KSW
