How to access a SQL Server database using another user with permissions in the same intranet












3















While I'm waiting for my user to get access permissions, I'm stuck using a colleague's, and whenever I try to run basic SQL queries I have to switch from my Windows user to hers.



Hopefully this is clear enough: I want to access a SQL Server for which another user on the same intranet has permissions while I only have her credentials, and that the server utilizes Integrated Security.










share|improve this question




















  • 2





    Just an opinion: If you have her credentials, then you have some serious security issues at the company you are working for other than unable to start SSMS with a different account or having to wait for the permission to access a database.

    – hot2use
    Nov 14 '18 at 12:02






  • 2





    If the SQL authentication is turned off and you need integrated windows authentication then indeed you can only switch the client windows user or use „Run As“ (and you and she are most likely violating company policy by sharing an account)

    – eckes
    Nov 14 '18 at 12:09






  • 2





    @hot2use there are too many other issues to rant about, as expected from a company maintaining legacy systems.

    – Outman
    Nov 14 '18 at 12:36
















3















While I'm waiting for my user to get access permissions, I'm stuck using a colleague's, and whenever I try to run basic SQL queries I have to switch from my Windows user to hers.



Hopefully this is clear enough: I want to access a SQL Server for which another user on the same intranet has permissions while I only have her credentials, and that the server utilizes Integrated Security.










share|improve this question




















  • 2





    Just an opinion: If you have her credentials, then you have some serious security issues at the company you are working for other than unable to start SSMS with a different account or having to wait for the permission to access a database.

    – hot2use
    Nov 14 '18 at 12:02






  • 2





    If the SQL authentication is turned off and you need integrated windows authentication then indeed you can only switch the client windows user or use „Run As“ (and you and she are most likely violating company policy by sharing an account)

    – eckes
    Nov 14 '18 at 12:09






  • 2





    @hot2use there are too many other issues to rant about, as expected from a company maintaining legacy systems.

    – Outman
    Nov 14 '18 at 12:36














3












3








3


2






While I'm waiting for my user to get access permissions, I'm stuck using a colleague's, and whenever I try to run basic SQL queries I have to switch from my Windows user to hers.



Hopefully this is clear enough: I want to access a SQL Server for which another user on the same intranet has permissions while I only have her credentials, and that the server utilizes Integrated Security.










share|improve this question
















While I'm waiting for my user to get access permissions, I'm stuck using a colleague's, and whenever I try to run basic SQL queries I have to switch from my Windows user to hers.



Hopefully this is clear enough: I want to access a SQL Server for which another user on the same intranet has permissions while I only have her credentials, and that the server utilizes Integrated Security.







sql-server connectivity






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Dec 5 '18 at 7:26







Outman

















asked Nov 14 '18 at 8:43









OutmanOutman

1738




1738








  • 2





    Just an opinion: If you have her credentials, then you have some serious security issues at the company you are working for other than unable to start SSMS with a different account or having to wait for the permission to access a database.

    – hot2use
    Nov 14 '18 at 12:02






  • 2





    If the SQL authentication is turned off and you need integrated windows authentication then indeed you can only switch the client windows user or use „Run As“ (and you and she are most likely violating company policy by sharing an account)

    – eckes
    Nov 14 '18 at 12:09






  • 2





    @hot2use there are too many other issues to rant about, as expected from a company maintaining legacy systems.

    – Outman
    Nov 14 '18 at 12:36














  • 2





    Just an opinion: If you have her credentials, then you have some serious security issues at the company you are working for other than unable to start SSMS with a different account or having to wait for the permission to access a database.

    – hot2use
    Nov 14 '18 at 12:02






  • 2





    If the SQL authentication is turned off and you need integrated windows authentication then indeed you can only switch the client windows user or use „Run As“ (and you and she are most likely violating company policy by sharing an account)

    – eckes
    Nov 14 '18 at 12:09






  • 2





    @hot2use there are too many other issues to rant about, as expected from a company maintaining legacy systems.

    – Outman
    Nov 14 '18 at 12:36








2




2





Just an opinion: If you have her credentials, then you have some serious security issues at the company you are working for other than unable to start SSMS with a different account or having to wait for the permission to access a database.

– hot2use
Nov 14 '18 at 12:02





Just an opinion: If you have her credentials, then you have some serious security issues at the company you are working for other than unable to start SSMS with a different account or having to wait for the permission to access a database.

– hot2use
Nov 14 '18 at 12:02




2




2





If the SQL authentication is turned off and you need integrated windows authentication then indeed you can only switch the client windows user or use „Run As“ (and you and she are most likely violating company policy by sharing an account)

– eckes
Nov 14 '18 at 12:09





If the SQL authentication is turned off and you need integrated windows authentication then indeed you can only switch the client windows user or use „Run As“ (and you and she are most likely violating company policy by sharing an account)

– eckes
Nov 14 '18 at 12:09




2




2





@hot2use there are too many other issues to rant about, as expected from a company maintaining legacy systems.

– Outman
Nov 14 '18 at 12:36





@hot2use there are too many other issues to rant about, as expected from a company maintaining legacy systems.

– Outman
Nov 14 '18 at 12:36










2 Answers
2






active

oldest

votes


















7














You can open SSMS as her Windows user account by doing either of the following:




  1. Right click the SSMS shortcut while holding the SHIFT key. Click on Open as another user and enter the other users credentials.


  2. Create a shortcut in the following format:




C:WindowsSystem32runas.exe /savecred /user:DOMAINUSERNAME
"C:Program Files (x86)Microsoft SQL
Server140ToolsBinnManagementStudioSsms.exe"




You'll need to replace the path to SSMS.exe with your version.



Once you open the shortcut and enter the password for the account, you can then simply double click the shortcut in the future as it will store your credentials for later use.






share|improve this answer


























  • Thanks a whole lot! I wasn't aware of the runas command, this is going to be much more helpful in the future than just fixing this problem.

    – Outman
    Nov 14 '18 at 11:19



















1














There are valid times to runas an application as a domain account other than your own. Based on the OP wording though, this is not one of them. It may be outside the scope of this site, but before using the accepted answer as a workaround to perform your work responsibilities, you need to get approval in writing from your manager, your coworker, her manager - and have at least notified whoever has authority over security policy for your company. Don’t bother defining what the actions you should be taking are, now that you’re impersonating another user - you are approved to perform every action she is approved to perform.






share|improve this answer



















  • 1





    I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.

    – Outman
    Nov 14 '18 at 12:56






  • 1





    @Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.

    – Peter Vandivier
    Nov 14 '18 at 13:00











  • Just to add to this answer - which I agree with but don't think it necessarily answers the question posited - I only use this as we are a multi-domain site and I often need to open 4-5 SSMS sessions as different domain accounts, all of which are owned by me.

    – George.Palacios
    Dec 5 '18 at 12:03











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "182"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f222501%2fhow-to-access-a-sql-server-database-using-another-user-with-permissions-in-the-s%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























2 Answers
2






active

oldest

votes








2 Answers
2






active

oldest

votes









active

oldest

votes






active

oldest

votes









7














You can open SSMS as her Windows user account by doing either of the following:




  1. Right click the SSMS shortcut while holding the SHIFT key. Click on Open as another user and enter the other users credentials.


  2. Create a shortcut in the following format:




C:WindowsSystem32runas.exe /savecred /user:DOMAINUSERNAME
"C:Program Files (x86)Microsoft SQL
Server140ToolsBinnManagementStudioSsms.exe"




You'll need to replace the path to SSMS.exe with your version.



Once you open the shortcut and enter the password for the account, you can then simply double click the shortcut in the future as it will store your credentials for later use.






share|improve this answer


























  • Thanks a whole lot! I wasn't aware of the runas command, this is going to be much more helpful in the future than just fixing this problem.

    – Outman
    Nov 14 '18 at 11:19
















7














You can open SSMS as her Windows user account by doing either of the following:




  1. Right click the SSMS shortcut while holding the SHIFT key. Click on Open as another user and enter the other users credentials.


  2. Create a shortcut in the following format:




C:WindowsSystem32runas.exe /savecred /user:DOMAINUSERNAME
"C:Program Files (x86)Microsoft SQL
Server140ToolsBinnManagementStudioSsms.exe"




You'll need to replace the path to SSMS.exe with your version.



Once you open the shortcut and enter the password for the account, you can then simply double click the shortcut in the future as it will store your credentials for later use.






share|improve this answer


























  • Thanks a whole lot! I wasn't aware of the runas command, this is going to be much more helpful in the future than just fixing this problem.

    – Outman
    Nov 14 '18 at 11:19














7












7








7







You can open SSMS as her Windows user account by doing either of the following:




  1. Right click the SSMS shortcut while holding the SHIFT key. Click on Open as another user and enter the other users credentials.


  2. Create a shortcut in the following format:




C:WindowsSystem32runas.exe /savecred /user:DOMAINUSERNAME
"C:Program Files (x86)Microsoft SQL
Server140ToolsBinnManagementStudioSsms.exe"




You'll need to replace the path to SSMS.exe with your version.



Once you open the shortcut and enter the password for the account, you can then simply double click the shortcut in the future as it will store your credentials for later use.






share|improve this answer















You can open SSMS as her Windows user account by doing either of the following:




  1. Right click the SSMS shortcut while holding the SHIFT key. Click on Open as another user and enter the other users credentials.


  2. Create a shortcut in the following format:




C:WindowsSystem32runas.exe /savecred /user:DOMAINUSERNAME
"C:Program Files (x86)Microsoft SQL
Server140ToolsBinnManagementStudioSsms.exe"




You'll need to replace the path to SSMS.exe with your version.



Once you open the shortcut and enter the password for the account, you can then simply double click the shortcut in the future as it will store your credentials for later use.







share|improve this answer














share|improve this answer



share|improve this answer








edited Nov 14 '18 at 11:40

























answered Nov 14 '18 at 8:48









George.PalaciosGeorge.Palacios

2,253824




2,253824













  • Thanks a whole lot! I wasn't aware of the runas command, this is going to be much more helpful in the future than just fixing this problem.

    – Outman
    Nov 14 '18 at 11:19



















  • Thanks a whole lot! I wasn't aware of the runas command, this is going to be much more helpful in the future than just fixing this problem.

    – Outman
    Nov 14 '18 at 11:19

















Thanks a whole lot! I wasn't aware of the runas command, this is going to be much more helpful in the future than just fixing this problem.

– Outman
Nov 14 '18 at 11:19





Thanks a whole lot! I wasn't aware of the runas command, this is going to be much more helpful in the future than just fixing this problem.

– Outman
Nov 14 '18 at 11:19













1














There are valid times to runas an application as a domain account other than your own. Based on the OP wording though, this is not one of them. It may be outside the scope of this site, but before using the accepted answer as a workaround to perform your work responsibilities, you need to get approval in writing from your manager, your coworker, her manager - and have at least notified whoever has authority over security policy for your company. Don’t bother defining what the actions you should be taking are, now that you’re impersonating another user - you are approved to perform every action she is approved to perform.






share|improve this answer



















  • 1





    I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.

    – Outman
    Nov 14 '18 at 12:56






  • 1





    @Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.

    – Peter Vandivier
    Nov 14 '18 at 13:00











  • Just to add to this answer - which I agree with but don't think it necessarily answers the question posited - I only use this as we are a multi-domain site and I often need to open 4-5 SSMS sessions as different domain accounts, all of which are owned by me.

    – George.Palacios
    Dec 5 '18 at 12:03
















1














There are valid times to runas an application as a domain account other than your own. Based on the OP wording though, this is not one of them. It may be outside the scope of this site, but before using the accepted answer as a workaround to perform your work responsibilities, you need to get approval in writing from your manager, your coworker, her manager - and have at least notified whoever has authority over security policy for your company. Don’t bother defining what the actions you should be taking are, now that you’re impersonating another user - you are approved to perform every action she is approved to perform.






share|improve this answer



















  • 1





    I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.

    – Outman
    Nov 14 '18 at 12:56






  • 1





    @Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.

    – Peter Vandivier
    Nov 14 '18 at 13:00











  • Just to add to this answer - which I agree with but don't think it necessarily answers the question posited - I only use this as we are a multi-domain site and I often need to open 4-5 SSMS sessions as different domain accounts, all of which are owned by me.

    – George.Palacios
    Dec 5 '18 at 12:03














1












1








1







There are valid times to runas an application as a domain account other than your own. Based on the OP wording though, this is not one of them. It may be outside the scope of this site, but before using the accepted answer as a workaround to perform your work responsibilities, you need to get approval in writing from your manager, your coworker, her manager - and have at least notified whoever has authority over security policy for your company. Don’t bother defining what the actions you should be taking are, now that you’re impersonating another user - you are approved to perform every action she is approved to perform.






share|improve this answer













There are valid times to runas an application as a domain account other than your own. Based on the OP wording though, this is not one of them. It may be outside the scope of this site, but before using the accepted answer as a workaround to perform your work responsibilities, you need to get approval in writing from your manager, your coworker, her manager - and have at least notified whoever has authority over security policy for your company. Don’t bother defining what the actions you should be taking are, now that you’re impersonating another user - you are approved to perform every action she is approved to perform.







share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 14 '18 at 12:44









Peter VandivierPeter Vandivier

1,0921722




1,0921722








  • 1





    I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.

    – Outman
    Nov 14 '18 at 12:56






  • 1





    @Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.

    – Peter Vandivier
    Nov 14 '18 at 13:00











  • Just to add to this answer - which I agree with but don't think it necessarily answers the question posited - I only use this as we are a multi-domain site and I often need to open 4-5 SSMS sessions as different domain accounts, all of which are owned by me.

    – George.Palacios
    Dec 5 '18 at 12:03














  • 1





    I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.

    – Outman
    Nov 14 '18 at 12:56






  • 1





    @Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.

    – Peter Vandivier
    Nov 14 '18 at 13:00











  • Just to add to this answer - which I agree with but don't think it necessarily answers the question posited - I only use this as we are a multi-domain site and I often need to open 4-5 SSMS sessions as different domain accounts, all of which are owned by me.

    – George.Palacios
    Dec 5 '18 at 12:03








1




1





I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.

– Outman
Nov 14 '18 at 12:56





I really appreciate your concern, but I've already gotten permission to temporarily use her account. As to why my question is outside the scope of this site; I used a real world example for the sole purpose of giving more context since abstracting my question would've been a little bit more confusing. But again, much obliged.

– Outman
Nov 14 '18 at 12:56




1




1





@Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.

– Peter Vandivier
Nov 14 '18 at 13:00





@Outman application impersonation isn’t necessarily outside the scope of this site. Rather my answer on behavioral implementation of security policy may not be strictly on-topic. If you have all the approvals (in writing, that bit is important) mentioned above, then full steam ahead - as long as you understand that this approach is an anti-pattern at best and a risk to you personally at worst.

– Peter Vandivier
Nov 14 '18 at 13:00













Just to add to this answer - which I agree with but don't think it necessarily answers the question posited - I only use this as we are a multi-domain site and I often need to open 4-5 SSMS sessions as different domain accounts, all of which are owned by me.

– George.Palacios
Dec 5 '18 at 12:03





Just to add to this answer - which I agree with but don't think it necessarily answers the question posited - I only use this as we are a multi-domain site and I often need to open 4-5 SSMS sessions as different domain accounts, all of which are owned by me.

– George.Palacios
Dec 5 '18 at 12:03


















draft saved

draft discarded




















































Thanks for contributing an answer to Database Administrators Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f222501%2fhow-to-access-a-sql-server-database-using-another-user-with-permissions-in-the-s%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Florida Star v. B. J. F.

Danny Elfman

Lugert, Oklahoma