Using runas command to remotely logging into SQL Server

StackOverflow https://stackoverflow.com/questions/13312346

  •  28-11-2021
  •  | 
  •  

Question

I am stuck at this point using the runas command. I am trying to log into a remote SQL Server instance using Windows Authentication on that server. I am using this command -

runas /netonly /user:Domain\Username 
      /server=someIP "C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe"

But when I do this, it opens up my Management Studio - the IP is of the remote server, Windows authentication is selected by default and I have my current system's domain and username.

I actually need a way to specify a connection string to log into a remote SQL Server and fire queries on it. It's cross domain.

One more question - do I need to have Management Studio on the machine I fire the query from?

Thanks.

EDIT

I am rephrasing for better understanding.

I have server A and server B(two separate computers). I need to fire a query from A on B. A does not have any sql server or management studio. B has both. I have to use windows authentication(something like myDomain\username) to log-in into sql server of B. I am using the runas command that I mentioned in the 'Target' in the properties of management studio on B. Is that wrong? I am logging in into A using a different username(but same domain) as that I have to login into B. How do I accomplish this task?

Thanks and sorry for the late edit.

Was it helpful?

Solution

I use the following on a shortcut to run SSMS on an xp image that is NOT on the domain to connect to a server using domain credentials.

%windir%\System32\runas.exe /netonly /user:domain\username "C:\Program Files\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe -S SERVERNAME"

OTHER TIPS

That is correct, /netonly will open your current environment, and SSMS will foolishly display your credentials in the login dialogs. This is to be expected, since /netonly really means that the provided identity will be used only on the net. However, when you authenticate with any remote resource the remote site will authenticate you as 'domain\username'.

You probably don't need the /server option.

I can't comment so I will give new answer. To use shortcut with server name

%windir%\System32\runas.exe /netonly /user:domain\username "C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\ManagementStudio\Ssms.exe -S SERVERNAME"

You first need to add server name and server IP to Your host file:

C:\Windows\System32\drivers\etc\hosts

Without it You need to use server IP:

%windir%\System32\runas.exe /netonly /user:domain\username "C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\ManagementStudio\Ssms.exe -S SERVER_IP"

For example You want to connect to server 10.10.10.123 using name MSSQLSERVER01 in domain MASTER using account name STACKUSER2019. So You add this line to host file:

10.10.10.123 MSSQLSERVER01

and after it run from CMD or from shortcut:

%windir%\System32\runas.exe /netonly /user:MASTER\STACKUSER2019 "C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\ManagementStudio\Ssms.exe -S MSSQLSERVER01"

Step 1: Navigate to the ssms.exe file

SSMS 2016 version: 

C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\ManagementStudio\Ssms.exe

SSMS 2017 version: 

C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\ManagementStudio\Ssms.exe

right click on ssms.exe and select Properties

then the tab Compatibility

and click on the button Change settings for all users

Check Run this program as an administrator and click OK

Step 2: make a shortcut with this path

SSMS 2016 version: C:\Windows\System32\runas.exe /savecred /user:domain\username "cmd /c \"C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\ManagementStudio\Ssms.exe\""

SSMS 2017 version: C:\Windows\System32\runas.exe /savecred /user:domain\username "cmd /c \"C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\ManagementStudio\Ssms.exe\""

NOTE: the cmd /c in the path, this makes the whole difference.

Thats it. Hope it workes for you.

PS: About step one, if you only want to make the changes to start the application as admin for the specific user, login as that user on the computer and do the same as step without the Change settings for all users

In case connection using name-pipe is not available, (i.e you can't connect using SERVERNAME) then you can use the IP address, for e.g:

%windir%\System32\runas.exe /netonly /user:domain\username "Ssms.exe -S 10.20.30.10"

The path to SSMS.exe depends on your SQL engine version:

  • 2008 R2: C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe
  • 2012 : C:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\ManagementStudio\Ssms.exe
  • 2014 : C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\ManagementStudio\Ssms.exe
  • 2016 : C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\ManagementStudio\Ssms.exe
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top