SQL Server 2012 denies a granted permission, then can't resolve username -
i have strange behavior going on here.
we have table set up, "person", trigger inserts difference actions "person_history". can tell, when execute myself, goes well. when run this:
execute user = 'domain\user'; insert "person_history" values (...); revert; the first time, permission error:
msg 297, level 16, state 1, line 1
user not have permission perform action.
the second time run (after tracing permissions , finding should allowed), this:
msg 15406, level 16, state 1, line 1
cannot execute server principal because principal "domain\user" not exist, type of principal cannot impersonated, or not have permission.
it should noted first error user sees, , reported, , expect behavior not change after first run of statement.
so might missing here? i've never seen behavior before.
update: turns out insert not problem, acquiring transaction id sys.dm_tran_current_transaction problem. when statement failed (for lack of view server state permission), revert never run, , user not granted impersonate, why message changed - still executing other user.
there difference in grants between , user. need double check complete list (including roles).
impersonating user handled grants. run see grants are...
select * sys.server_principals
Comments
Post a Comment