current community

your communities

more stack exchange communities

Stack Exchange
tour help
Take the 2-minute tour ×
Database Administrators Stack Exchange is a question and answer site for database professionals who wish to improve their database skills and learn from others in the community. It's 100% free, no registration required.
up vote 0 down vote favorite

I am trying to log users logons to my Sql Server (A) in another Sql Server (B, different location physically), but when I try to log in I get the error Login failed ... due to trigger execution and this is the body of my logon trigger:

alter TRIGGER [tgr_blocker]
ON ALL SERVER
FOR LOGON
AS
BEGIN
--
    declare @IP nvarchar(50)
    declare @UN nvarchar(50)
    declare @HostName nvarchar(100)
    declare @ProgramName nvarchar(100)

    set @UN = ORIGINAL_LOGIN()
    select @IP = client_net_address FROM sys.dm_exec_connections WHERE 
        session_id = @@SPID
    SELECT @HostName = host_name, @ProgramName = program_name  FROM 
        sys.dm_exec_sessions   WHERE session_id = @@SPID

    insert into [LinkedServerIP].SecurityLog.dbo.AAA_Logger
    (IP,HostName,UserName,Session,Date,ProgramName,ServerName,Result) 
    values (@IP,@HostName,@UN,@@SPID,GETDATE(),@ProgramName,@@SERVERNAME,'Successful')

end

and when I test the insert in a query it works, but when I log in it does not work and results to the error, I thought maybe Sql Server can not access Linked Servers during Logon Triggers, is that true? If not where else should be the problem?

share|improve this question
    
How are you authenticating the linked server? If you're using integrated (Windows) authentication, chances are the trigger's security context doesn't have permissions on the remote server. –  Daniel Hutmacher Aug 11 at 8:47
    
I'm explicitly using a valid user of linked server who has enough access to write the log as the Linked Server authentication. –  Mahdi Tahsildari Aug 11 at 8:54
    
Can you try explicitly setting the security context of the logon trigger using "EXECUTE AS {loginname}"? msdn.microsoft.com/en-us/library/ms188354.aspx –  Daniel Hutmacher Aug 11 at 9:06
    
@DanielHutmacher I tried but came up with errors, can you help me on the syntax? –  Mahdi Tahsildari Aug 11 at 9:49
    
Check the link for examples. But it goes something like CREATE TRIGGER ... WITH EXECUTE AS [someLogin] AS BEGIN ... –  Daniel Hutmacher Aug 11 at 9:55

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Browse other questions tagged or ask your own question.