After you log on to your computer that is running Microsoft Windows Server 2003 by using a Windows user account that has local administrator credentials on your computer, if you try to connect to an instance of Microsoft SQL Server that is running on the computer by using Windows Authentication, the connection may not be successful.
If you use the osql command-line utility to connect to the instance of SQL Server, you may receive the following error message:
Login failed for user '(null)'. Reason: Not associated with a trusted SQL
If you use SQL Query Analyzer to connect to the instance of SQL Server, you may receive the following error message:
Unable to connect to server NameOfTheInstanceOfSQLServer
Server: Msg 18452, Level 16, State 1
[Microsoft][ODBC SQL Server Driver][SQL Server]Login failed for user '(null)'. Reason: Not associated with a trusted SQL
This problem occurs when all the following conditions are true:
- The instance of SQL Server uses the TCP/IP server network library for client connections.
- A Windows user account that is different from the current Windows logon account is set as the service account for the MSSQLServer service that corresponds to your instance of SQL Server.
This problem can occur because the Windows user account that is used to connect to the instance of SQL Server does not have sufficient permissions on your computer. This article discusses one possible cause of this message. The workaround that is discussed in this article will only help if you experience this specific scenario.
To resolve the problem, you must change the user rights settings on your computer to give sufficient permissions to the Windows user account that is used to connect to the instance of SQL Server. To do this, follow these steps.Note
If the Windows user name that is used to connect to the instance of SQL Server is a domain user name and is not a local user name on your computer, you must change the user rights settings by using the Active Directory Users and Computers Microsoft Management Console (MMC) on the computer that acts as the domain controller.
- Click Start, point to Administrative Tools, and then click Local Security Policy.
- In the left pane of the Local Security Settings window, expand Local Policies, and then click User Rights Assignment.
- In the right pane, modify the settings of the policies to add the users who are mentioned in the following table. To do this, under the Policy column header, double-click the corresponding policy, click Add User or Group, and then add a user or group to the policy.
Note "Windows User" indicates the Windows user name that is used to connect to the instance of SQL Server. Before you provide these user rights to the Windows user, make sure that the Windows user is eligible for these user rights on the computer that is running the instance of SQL Server.
Collapse this tableExpand this table
|User right||Policy||Security setting|
|SeImpersonatePrivilege||Impersonate a client after authentication ||Administrators, SERVICE|
|SeLockMemoryPrivilege ||Lock pages in memory||Windows User, Administrators|
|SeBatchLogonRight ||Log on as a batch job||Windows User|
|SeAssignPrimaryTokenPrivilege||Replace a process level token||Windows User|
|SeEnableDelegationPrivilege ||Enable computer and user accounts to be trusted for delegation||Administrators|
|SeChangeNotifyPrivilege||Bypass traverse checking||Windows User|
|SeServiceLogonRight||Log on as a service||Windows User, Administrators|
- Close the Local Security Settings window.
- Restart the instance of SQL Server.
Additionally, if the user rights settings on your computer are defined by using a security template, you must make sure that the specified user rights are modified accordingly in the corresponding security template.
To work around this problem, use one of the following methods:
- Connect to the instance of SQL Server by using SQL Server Authentication.
- Configure the instance of SQL Server to use the Named Pipes server network library for the client connections, and then connect to the instance of SQL Server by using Windows Authentication.
Article ID: 840219 - Last Review: December 12, 2005 - Revision: 2.7
- Microsoft SQL Server 2000 Standard Edition, when used with:
- Microsoft Windows Server 2003, Standard Edition (32-bit x86)
|kbtshoot kbconnectivity kbauthentication kberrmsg kbuser kbconfig kbsecurity kbprb KB840219|