Symptoms
Assume that you have a group on a global controller that has the same name as a group on a domain. When you run the xp_logininfo stored procedure in Microsoft in SQL Server 2012 or SQL Server 2014 to obtain information about the group, the information contains members of the wrong group.For example, you have a forest, forest1.contoso.com, that contains two domains, dom1 and dom2.Notes
-
There is a trust between the domains.
-
Both domains have a group that is named grp1.
-
Both domains have a login that is named login1.
You run the following in dom1:
EXEC xp_logininfo 'dom2\grp1','members'
In this situation, you get the following incorrect results.
|
account name |
type |
privilege |
mapped login name |
permission path |
|---|---|---|---|---|
|
dom1\login1 |
user |
user |
dom1\login1 |
dom2\grp1 |
Typically, you would expect the following results.
|
account name |
type |
privilege |
mapped login name |
permission path |
|---|---|---|---|---|
|
dom2\login1 |
user |
user |
dom2\login1 |
dom2\grp1 |
Resolution
This issue was first fixed in the following cumulative update for SQL Server:
Each new cumulative update for SQL Server contains all the hotfixes and all the security fixes that were included in the previous cumulative update. Check out the latest cumulative updates for SQL Server:
Note You can find information about the latest SQL Server builds from Where to find information about the latest SQL Server builds.
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
References
Learn about the terminology that Microsoft uses to describe software updates.
