28-02-2019, 12:16 AM
Recently got approval from management to get a Global License, got it, installed using SQL2017, no issues with setup until now.
I have several domain groups created (domain called 'PROD') "VisionAppRD - AllUsers", "VisionAppRD - Admins" among others, but those 2 are what Im testing with now.
According to the DBA, the PROD\VisionAppRD - AllUsers has "Connect", "Execute" and "Select" rights (found that in the FAQ while researching the problem)
Under the Tools | Security Groups, I have 'Administrators' as built in, into that group, Ive added my PROD\dbwillis1 account, Ive also added the PROD\VisionAppRD - Admins domain group.
- I can set permissions and show/hide connections on the folder/tree list.
In the app, Ive created a group 'Users' under Tools | Security Groups, then added my PROD\dbwillis account as well as PROD\VisionAppRD - AllUsers (note my PROD\dbwillis account is also in the domain group 'PROD\VisionAppRD - AllUsers')
Im testing with 2 different machines, so I am not doing any RunAs or switches like that, my issue is when I launch the app on the workstation, I get into the app and I can see folders/connections that Ive enabled for 'Users'
BUT, if I remove my PROD\dbwillis account from the 'Users' group, I cannot launch the app, I get two errors :>
(1)The used account has no permissions to start the program. Please contact your administrator'
clicking OK gives the 2nd error:>
(2)User Has no access
User with the name 'dbwillis' and SID S-1-5-21...... has no access to login
It seems its not pulling the membership of the domain group thats added in the 'Users group ?
Did I miss entering that someplace?
I have several domain groups created (domain called 'PROD') "VisionAppRD - AllUsers", "VisionAppRD - Admins" among others, but those 2 are what Im testing with now.
According to the DBA, the PROD\VisionAppRD - AllUsers has "Connect", "Execute" and "Select" rights (found that in the FAQ while researching the problem)
Under the Tools | Security Groups, I have 'Administrators' as built in, into that group, Ive added my PROD\dbwillis1 account, Ive also added the PROD\VisionAppRD - Admins domain group.
- I can set permissions and show/hide connections on the folder/tree list.
In the app, Ive created a group 'Users' under Tools | Security Groups, then added my PROD\dbwillis account as well as PROD\VisionAppRD - AllUsers (note my PROD\dbwillis account is also in the domain group 'PROD\VisionAppRD - AllUsers')
Im testing with 2 different machines, so I am not doing any RunAs or switches like that, my issue is when I launch the app on the workstation, I get into the app and I can see folders/connections that Ive enabled for 'Users'
BUT, if I remove my PROD\dbwillis account from the 'Users' group, I cannot launch the app, I get two errors :>
(1)The used account has no permissions to start the program. Please contact your administrator'
clicking OK gives the 2nd error:>
(2)User Has no access
User with the name 'dbwillis' and SID S-1-5-21...... has no access to login
It seems its not pulling the membership of the domain group thats added in the 'Users group ?
Did I miss entering that someplace?