SQL user login transfer
-
SQL user login transfer
Posted by greg-wahl on March 23, 2017 at 3:20 pm-
I installed SQL Server on a new server and restored a copy of our Dynamics and company database from production onto that new server to be used as a test environment. I also installed a copy of Dynamics GP onto that server.
To transfer the SQL logins, I used the Microsoft script where you have to run the sp_help_revlogin stored procedure and it generates the script for you to run on the new server.
The script executed fine on the new server but the passwords do not work when you try to log into GP. I logged into GP using ‘sa’ and changed my user password to what it should be. I then ran the sp_help_revlogin on my userid on the new server to compare hashes and it appears that the hashes are different.
Am I missing a step as to why the hashed passwords are not working? I verified that the SIDS are the same on both servers but I am not sure what else to look at.
——————————
Greg Wahl
Systems Analyst/Programmer
Owensboro Municipal Utilities
Owensboro KY
—————————— -
Greg,
The reason the passwords are not working is because your new server has a different name than the old server. Dynamics GP encrypts user passwords and part of the encryption process is the name of the server as it’s stored in the ODBC configuration screen, please see below. Unfortunately, you will have to reset all you GP user’s passwords on the new server.
——————————
Tom Monfre
Batteries Plus Bulbs, LLC
Hartland WI
——————————
——————————————- -
Hi Greg
GP Power Tools Database Validation tool can quickly fix all user and database issues including recreating logins with a randomized encrypted password with the change password on next login option.
The tool also checks and fixes table structures, Dynamics Utilities tables and Account Framework issues.
David
——————————
David Musgrave MVP, GPUG All-StarManaging Director
Winthrop Development ConsultantsPerth, Western Australia
http://www.winthropdc.com
——————————
——————————————- -
Now there’s an enhancement begging to be added, David.
…Randomized passwords emailed to each user individually.I understand a few things would have to be in place for a feature like this, but if anyone can do it, you can!
The password thing is a pain for us often as we roll production data down to QA, DEV, & Staging test servers.
Just a thought,
——————————
David Morinello
Senior Dynamics GP Systems Architect
Ascend Learning, LLC
Leawood KS
——————————
——————————————- -
Hi David
The Randomized passwords was added for build 22. At this stage it provides a report of what the passwords are.
Thanks for the idea, it is one that I already had, but there is no definitive location for an email address mapped to a User ID.
If you can work out where I can get the email address from then I could send them.
Maybe if the User IDs where the aliases and I let you enter the domain then it could so it.
Thoughts?
David
——————————
David Musgrave MVP, GPUG All-StarManaging Director
Winthrop Development ConsultantsPerth, Western Australia
http://www.winthropdc.com
——————————
——————————————- -
David, just a suggestion but we have used the Windows Account field for this purpose. With some basic information about the domain it is pretty easy to convert the SIDs stored in GP to a domain account (which would have the email address associated). This of course assumes that there is a domain in place…
——————————
Matthew Arp
Business Systems Developer
Hunton Group
Houston TX
——————————
——————————————- -
Beat Bucher
MemberMarch 27, 2017 at 10:48 AM
Hi Matthew,
We had this discussion with David a while ago when he was workign on Buid 22 of GPPT.. the tricky part is that not every company is using :
a) an Exchange mail server
b) domain user accounts (this is not mandatory for GP if you’re not using the Web client)So we found out that generating a report was the easiest and most reliable way to communicate newly generated passwords to the admin..
There is always place for improvement, but it goes on the cost of coding multiple options to cover a pretty basic feature.. You could also use the e-mail address that is optionally used in most recent GP versions (starting with 2013 where the web client was introduced), but as I said, not all companies use the field, as they may not have a need for it.
Personally, I try to keep the same logic for the user names in GP as for the domain, which would make it easy to just append the @domain.com name to the user acount to mail it out, but here again, this is not granted in every company.——————————
Beat Bucher
Business Analyst, Dynamics GP MVP
Ultra-Electronics Forensic Technology Inc.
Montreal QC/Canada
+1-514-489-4267
@GP_Beat http://dyngpbeat.wordpress.com/
Montreal QC GPUG Chapter Leader
GP2013R2 / MR2012 CU14
——————————
——————————————- -
Completely agree, I certainly hope most everyone except some of the smaller shops would have a domain but I can see not wanting to make that assumption and limit the marketability. One of the joys of developing for your own company is knowing exactly what kind of environment you operate in 🙂
——————————
Matthew Arp
Business Systems Developer
Hunton Group
Houston TX
——————————
——————————————-
greg-wahl replied 7 years, 5 months ago 1 Member · 0 Replies -
-
0 Replies
Sorry, there were no replies found.
The discussion ‘SQL user login transfer’ is closed to new replies.