none
NT AUTHORITY\\SYSTEM is not able to access the database

    Question

  • I have a windows service that runs another program A (python) to access sql server 2012 through ODBC. This program A also runs in session 0. On sql server, I created a login with sysadmin role and created a DSN with SQL authentication.  The program A could connect and access database well when it ran in session 2, not session 0.

    If the program A was activated by the service, I got the exception from the program A, as follows.

    ('08004', '[08004] [Microsoft][ODBC SQL Server Driver][SQL Server]The server principal "NT AUTHORITY\\SYSTEM" is not able to access the database "cs_pim" under the current security context. (916) (SQLExecDirectW)')

    After I added sysadmin role to NT AUTHORITY\\SYSTEM on sql server, the program A would work well.

    My questions are as follows.

    1. I had used a DSN with a workable sql server account. Why did the access to DB use "NT AUTHORITY\\SYSTEM" account? It seemed to ignore the SQL authentication in DSN and use NT AUTHORITY\\SYSTEM account to do authentication.

    2. If my program A needs to live in session 0, how should I use DSN to access DB? Or How should I access sql DB from session 0 through ODBC?

    3. In my situation, is it safe or is there any concern that I add sysadmin to NT AUTHORITY\\SYSTEM?

    Thanks.


    • Edited by Joe CL Hsu Wednesday, October 30, 2013 5:50 AM
    Wednesday, October 30, 2013 5:49 AM

All replies