Msg 15404, Level 16, State 10, Procedure xp_logininfo - missing permissions [duplicate]
-
07-02-2021 - |
Question
I have a server based in the USA, where I am not a domain admin, and my permissions are limited to sql server
only - where I am sysadmin
.
after a migration of a few databases to a new server, I noticed that I needed to go back to the old server to get one of my logins and permissions related.
when I run the following command:
EXEC xp_logininfo 'gplondon';
I get:
Msg 15404, Level 16, State 10, Procedure xp_logininfo, Line 62 [Batch Start Line 6] Could not obtain information about Windows NT group/user 'gplondon', error code 0xffff0002.
I understand I have all the permissions inside sql server to run xp_logininfo
But what other permissions are missing that have disabled me (or the sql server service on that server) to interrogate the active directory?
in other words, everything was working fine before, what permissions are missing now?
Solution
after checking the error log
xp_readerrorlog 0, 1, "error" , NULL, NULL, NULL, N'desc'
finding no errors related to the above
then checking the error message:
BEGIN TRY
EXEC xp_logininfo 'gplondon';
END TRY
BEGIN CATCH
SELECT ERROR_NUMBER() AS ErrorNumber
,ERROR_MESSAGE()
END CATCH;
15404
Could not obtain information about Windows NT group/user 'gplondon', error code 0xffff0002.
investigate: 15404 with Active Directory
with a quick select on sys.server_principals
select * from sys.server_principals
where name = 'gplondon'
I found something obvious: gplondon
does not exist in the active directory, because it is a sql login
from the remarks on the documentation of xp_logininfo
If account_name is a valid Windows user or group that is not associated with a SQL Server login, an empty result set is returned. If account_name cannot be identified as a valid Windows user or group, an error message is returned.