Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
Author |
Topic |
Mathias
Posting Yak Master
119 Posts |
Posted - 2009-03-25 : 08:45:01
|
select system_user DOMAIN\OldLoginis sending back the old active directory name. It happens when a user gets his login changed to a new one.SQL2005, SP2, dual authentificationWhat should be done on the server to get it updated (despite a reboot)? |
|
Mathias
Posting Yak Master
119 Posts |
Posted - 2009-03-25 : 11:36:10
|
I found the following :Renaming Windows User or Group AccountsWhen a Windows user or group is renamed using the User Manager for Domains tool in Windows NT 4.0 or the Active Directory Users utility, SQL Server 2000 is unaware of that change. SQL Server 2000 maintains the fully qualified name of the user or group in the sysxlogins table for performance reasons, as it can be very slow to query the domain controller for this information. This is true when many name lookups are done or the domain controller is connected over a slow WAN link.The fact that the names of SQL Server 2000 users and groups may differ from those of Windows users and groups does not cause any security problems. The permissions set for the user or the group continue to function correctly, as SQL Server relies only on the SIDs internally.When the SUSER_SNAME() and SUSER_SID() functions are used to return the login name and SID of the user, respectively, they first query the sysxlogins table. The Windows Local Security Authority (LSA) is queried only if the sysxlogins table does not contain the username or SID.Another effect of using these functions is that the usernames in system messages may not report an up-to-date name.There is no mention on how to fix it! |
|
|
|
|
|