Access to the path 'c:somepath' is denied for MSSQL CLRReceiving “The SELECT permission was denied on the...
Why does Mjolnir fall down in Age of Ultron but not in Endgame?
The art of clickbait captions
What is the function of the corrugations on a section of the Space Shuttle's external tank?
Is there an online tool which supports shared writing?
Can I connect my older mathematica front-end to the free wolfram engine?
Where have Brexit voters gone?
How to cut a climbing rope?
Parallel fifths in the orchestra
Why didn't Thanos use the Time Stone to stop the Avengers' plan?
Can I tell a prospective employee that everyone in the team is leaving?
Make 24 using exactly three 3s
Melodic minor Major 9 chords
Popcorn is the only acceptable snack to consume while watching a movie
How to politely tell someone they did not hit "reply to all" in an email?
Why does this if-statement combining assignment and an equality check return true?
What is a Power on Reset IC?
How to respond to upset student?
Why do most published works in medical imaging try to reduce false positives?
Why isn't 'chemically-strengthened glass' made with potassium carbonate to begin with?
Using credit/debit card details vs swiping a card in a payment (credit card) terminal
In the 3D Zeldas, is it faster to roll or to simply walk?
Does this strict reading of the rules allow both Extra Attack and the Thirsting Blade warlock invocation to be used together?
Compaq Portable vs IBM 5155 Portable PC
Why are GND pads often only connected by four traces?
Access to the path 'c:somepath' is denied for MSSQL CLR
Receiving “The SELECT permission was denied on the object” even though it's been grantedCREATE FILE encountered operating system error 5 (Access is denied.)Broken NTFS Permissions for MSSQL$SQLEXPRESS.NET SQLCLR Assembly not working in SQL Server 2016 (Error msg 10314)Assembly is not authorized for PERMISSION_SET=UNSAFE when creating a CLR assemblyCouldn't install SSMS: A pending restart is blocking setup from completingBULK INSERT getting “Cannot bulk load because … Access is denied” on a file I have access toThe EXECUTE permission was denied on the object 'SPROC', database 'DATABASE', schema 'dbo'View with OPENQUERY won't build in SSDT projectCreating/restoring mdf/ldf to non-default file location giving access denied
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}
I think this is a permissions problem, but I'm having trouble locating it.
I have a group of CLRs on one server (SQL Server 2016) and they work as they should. All are marked UNSAFE and they do various types of file I/O (read, write, copy, move, rename, etc.). I can run them via SSMS or from a job with equal ease.
I need to install them on another server (also SQL Server 2016). Using the original Visual Studio Project I have deployed them to the new sever. They show up in SSMS. That part looks fine.
When I, from SSMS, try to run one I get the following error: "Access to the path 'whatever path I passed in' is denied."
I'm logged into SSMS under my windows login. I have permissions to the database, I'm dbo. I'm an admin on the server. I have permissions in the file system.
What else could I be missing?
sql-server sql-server-2016 permissions sql-clr files
edited 9 hours ago
Solomon Rutzky
51k590188
asked 9 hours ago
WillGWillG
1283
New contributor
WillG is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I think this is a permissions problem, but I'm having trouble locating it.
I have a group of CLRs on one server (SQL Server 2016) and they work as they should. All are marked UNSAFE and they do various types of file I/O (read, write, copy, move, rename, etc.). I can run them via SSMS or from a job with equal ease.
I need to install them on another server (also SQL Server 2016). Using the original Visual Studio Project I have deployed them to the new sever. They show up in SSMS. That part looks fine.
When I, from SSMS, try to run one I get the following error: "Access to the path 'whatever path I passed in' is denied."
I'm logged into SSMS under my windows login. I have permissions to the database, I'm dbo. I'm an admin on the server. I have permissions in the file system.
What else could I be missing?
sql-server sql-server-2016 permissions sql-clr files
edited 9 hours ago
Solomon Rutzky
51k590188
asked 9 hours ago
WillGWillG
1283
New contributor
WillG is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Does the CLR code use any type of impersonation?
– Mr.Brownstone
9 hours ago
No impersonation is done.
– WillG
9 hours ago
add a comment |
I think this is a permissions problem, but I'm having trouble locating it.
I have a group of CLRs on one server (SQL Server 2016) and they work as they should. All are marked UNSAFE and they do various types of file I/O (read, write, copy, move, rename, etc.). I can run them via SSMS or from a job with equal ease.
I need to install them on another server (also SQL Server 2016). Using the original Visual Studio Project I have deployed them to the new sever. They show up in SSMS. That part looks fine.
When I, from SSMS, try to run one I get the following error: "Access to the path 'whatever path I passed in' is denied."
I'm logged into SSMS under my windows login. I have permissions to the database, I'm dbo. I'm an admin on the server. I have permissions in the file system.
What else could I be missing?
sql-server sql-server-2016 permissions sql-clr files
edited 9 hours ago
Solomon Rutzky
51k590188
asked 9 hours ago
WillGWillG
1283
New contributor
WillG is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I think this is a permissions problem, but I'm having trouble locating it.
I have a group of CLRs on one server (SQL Server 2016) and they work as they should. All are marked UNSAFE and they do various types of file I/O (read, write, copy, move, rename, etc.). I can run them via SSMS or from a job with equal ease.
I need to install them on another server (also SQL Server 2016). Using the original Visual Studio Project I have deployed them to the new sever. They show up in SSMS. That part looks fine.
When I, from SSMS, try to run one I get the following error: "Access to the path 'whatever path I passed in' is denied."
I'm logged into SSMS under my windows login. I have permissions to the database, I'm dbo. I'm an admin on the server. I have permissions in the file system.
What else could I be missing?
sql-server sql-server-2016 permissions sql-clr files
sql-server sql-server-2016 permissions sql-clr files
edited 9 hours ago
Solomon Rutzky
51k590188
asked 9 hours ago
WillGWillG
1283
New contributor
WillG is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 9 hours ago
Solomon Rutzky
51k590188
asked 9 hours ago
WillGWillG
1283
New contributor
WillG is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 9 hours ago
Solomon Rutzky
51k590188
edited 9 hours ago
Solomon Rutzky
51k590188
edited 9 hours ago
Solomon Rutzky
51k590188
51k590188
asked 9 hours ago
WillGWillG
1283
New contributor
WillG is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 9 hours ago
WillGWillG
1283
asked 9 hours ago
WillGWillG
1283
1283
New contributor
WillG is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
WillG is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Does the CLR code use any type of impersonation?
– Mr.Brownstone
9 hours ago
No impersonation is done.
– WillG
9 hours ago
add a comment |
Does the CLR code use any type of impersonation?
– Mr.Brownstone
9 hours ago
No impersonation is done.
– WillG
9 hours ago
Does the CLR code use any type of impersonation?
– Mr.Brownstone
9 hours ago
Does the CLR code use any type of impersonation?
– Mr.Brownstone
9 hours ago
No impersonation is done.
– WillG
9 hours ago
No impersonation is done.
– WillG
9 hours ago
add a comment |
3 Answers
3
active
oldest
votes
I have permissions to the database, I'm dbo. I'm an admin on the server. I have permissions in the file system.
None of that matters, typically. Unless you (or whoever coded the SQLCLR methods) implemented Impersonation, then the security context used for external operations is that of the service account running SQL Server (similar to xp_cmdshell behavior). It is that account that needs permission to the path(s) that you are trying to access.
For the sake of completeness regarding file access permissions:
- For local (on the box) access, it is as simple as either
- the service account (default behavior) for the Database Engine (i.e. MSSQLSERVER or MSSQL$InstanceName) service needing permission, or
- if Impersonation has been implemented in the code
and a the login executing the code is a Windows Login, not a SQL Server login, then it is that Windows account that needs permission
but a SQL Server login is being used, the external access is still done as the Database Engine service account
- For remote access (shared drive), constrained delegation might need to be set up (via Active Directory; including SPNs). Good 'ol Kerberos double-hop issue. In this case, you would see a difference between logging into SQL Server from another computer, other than the server it is running on vs logging directly onto the server running SQL Server and then connecting to the local SQL Server instance.
Keep in mind that "DENY"s take precedence over "GRANT"s (just like with SQL Server permissions).
In order to determine if the account used for external access actually has the necessary permission to the folder(s) and/or file(s):
- Go to the "Properties" of the path in question (the specific file or folder reporting the error)
- Go to the "Security" tab
- Click the "Advanced" button
- Go to the "Effective Access" tab
- Click the "select a user" link
- Enter in the fully account name (e.g.
NT ServiceMSSQLSERVER) - Click the "OK" button
- Click the "View effective access" button
- Does that account have access to that resource?
Are there any DENY permissions anywhere in the path that you are trying to access?
ALSO If all the code is doing is file system stuff, then most likely you don't need to have the assembly marked as UNSAFE and it should instead be EXTERNAL_ACCESS. Not too many file system operations should require UNSAFE. One of them is getting a list of fixed drives, but not sure of what else.
answered 9 hours ago
Solomon RutzkySolomon Rutzky
51k590188
I've given the service account (NT ServiceMSSQLSERVER in this case) full control of the G drive. Still seeing the same error.
– WillG
8 hours ago
@WillG Is theG:drive local or remote? The title of the question states theC:drive. Is this different between the system that works and the system that doesn't? If this is a remote file share, the computer account might need to be given access since I believeNT Servicenameis only known locally, hence remote access is done asComputerName$.
– Solomon Rutzky
8 hours ago
Yes, it is local. There are no network mapped drives in this.
– WillG
8 hours ago
Sorry for the confusion, I was using C in the title generically. I didn't want anyone assuming it was a network drive just by the title.
– WillG
8 hours ago
Your are spot on, the files are still set to no access. Looking at "View effective access" I can see that the top level folder (G:) has the permissions I set, but none of the files or folders under that inherited the permissions.
– WillG
7 hours ago
add a comment |
Make sure the service account running SQL server has access to those paths.
That's going to be the account actually interacting with the files on disk.
answered 9 hours ago
BradCBradC
6,79763463
add a comment |
In case that you did all over the ways mentioned above, but it didn't work.
From my experience so far, you may try to open SSMS as Administrator.
answered 3 hours ago
Dat NguyenDat Nguyen
212
Running SSMS "as Administrator" should not have any effect on whether or not SQLCLR code, executed by SQL Server, not by SSMS, has access to the file system. The only exception might be for SQL Server Express LocalDB, as that runs as a user-process and not as a service.
– Solomon Rutzky
3 hours ago
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "182"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
WillG is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f238927%2faccess-to-the-path-c-some-path-is-denied-for-mssql-clr%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
I have permissions to the database, I'm dbo. I'm an admin on the server. I have permissions in the file system.
None of that matters, typically. Unless you (or whoever coded the SQLCLR methods) implemented Impersonation, then the security context used for external operations is that of the service account running SQL Server (similar to xp_cmdshell behavior). It is that account that needs permission to the path(s) that you are trying to access.
For the sake of completeness regarding file access permissions:
- For local (on the box) access, it is as simple as either
- the service account (default behavior) for the Database Engine (i.e. MSSQLSERVER or MSSQL$InstanceName) service needing permission, or
- if Impersonation has been implemented in the code
and a the login executing the code is a Windows Login, not a SQL Server login, then it is that Windows account that needs permission
but a SQL Server login is being used, the external access is still done as the Database Engine service account
- For remote access (shared drive), constrained delegation might need to be set up (via Active Directory; including SPNs). Good 'ol Kerberos double-hop issue. In this case, you would see a difference between logging into SQL Server from another computer, other than the server it is running on vs logging directly onto the server running SQL Server and then connecting to the local SQL Server instance.
Keep in mind that "DENY"s take precedence over "GRANT"s (just like with SQL Server permissions).
In order to determine if the account used for external access actually has the necessary permission to the folder(s) and/or file(s):
- Go to the "Properties" of the path in question (the specific file or folder reporting the error)
- Go to the "Security" tab
- Click the "Advanced" button
- Go to the "Effective Access" tab
- Click the "select a user" link
- Enter in the fully account name (e.g.
NT ServiceMSSQLSERVER) - Click the "OK" button
- Click the "View effective access" button
- Does that account have access to that resource?
Are there any DENY permissions anywhere in the path that you are trying to access?
ALSO If all the code is doing is file system stuff, then most likely you don't need to have the assembly marked as UNSAFE and it should instead be EXTERNAL_ACCESS. Not too many file system operations should require UNSAFE. One of them is getting a list of fixed drives, but not sure of what else.
answered 9 hours ago
Solomon RutzkySolomon Rutzky
51k590188
I've given the service account (NT ServiceMSSQLSERVER in this case) full control of the G drive. Still seeing the same error.
– WillG
8 hours ago
@WillG Is theG:drive local or remote? The title of the question states theC:drive. Is this different between the system that works and the system that doesn't? If this is a remote file share, the computer account might need to be given access since I believeNT Servicenameis only known locally, hence remote access is done asComputerName$.
– Solomon Rutzky
8 hours ago
Yes, it is local. There are no network mapped drives in this.
– WillG
8 hours ago
Sorry for the confusion, I was using C in the title generically. I didn't want anyone assuming it was a network drive just by the title.
– WillG
8 hours ago
Your are spot on, the files are still set to no access. Looking at "View effective access" I can see that the top level folder (G:) has the permissions I set, but none of the files or folders under that inherited the permissions.
– WillG
7 hours ago
add a comment |
I have permissions to the database, I'm dbo. I'm an admin on the server. I have permissions in the file system.
None of that matters, typically. Unless you (or whoever coded the SQLCLR methods) implemented Impersonation, then the security context used for external operations is that of the service account running SQL Server (similar to xp_cmdshell behavior). It is that account that needs permission to the path(s) that you are trying to access.
For the sake of completeness regarding file access permissions:
- For local (on the box) access, it is as simple as either
- the service account (default behavior) for the Database Engine (i.e. MSSQLSERVER or MSSQL$InstanceName) service needing permission, or
- if Impersonation has been implemented in the code
and a the login executing the code is a Windows Login, not a SQL Server login, then it is that Windows account that needs permission
but a SQL Server login is being used, the external access is still done as the Database Engine service account
- For remote access (shared drive), constrained delegation might need to be set up (via Active Directory; including SPNs). Good 'ol Kerberos double-hop issue. In this case, you would see a difference between logging into SQL Server from another computer, other than the server it is running on vs logging directly onto the server running SQL Server and then connecting to the local SQL Server instance.
Keep in mind that "DENY"s take precedence over "GRANT"s (just like with SQL Server permissions).
In order to determine if the account used for external access actually has the necessary permission to the folder(s) and/or file(s):
- Go to the "Properties" of the path in question (the specific file or folder reporting the error)
- Go to the "Security" tab
- Click the "Advanced" button
- Go to the "Effective Access" tab
- Click the "select a user" link
- Enter in the fully account name (e.g.
NT ServiceMSSQLSERVER) - Click the "OK" button
- Click the "View effective access" button
- Does that account have access to that resource?
Are there any DENY permissions anywhere in the path that you are trying to access?
ALSO If all the code is doing is file system stuff, then most likely you don't need to have the assembly marked as UNSAFE and it should instead be EXTERNAL_ACCESS. Not too many file system operations should require UNSAFE. One of them is getting a list of fixed drives, but not sure of what else.
answered 9 hours ago
Solomon RutzkySolomon Rutzky
51k590188
I've given the service account (NT ServiceMSSQLSERVER in this case) full control of the G drive. Still seeing the same error.
– WillG
8 hours ago
@WillG Is theG:drive local or remote? The title of the question states theC:drive. Is this different between the system that works and the system that doesn't? If this is a remote file share, the computer account might need to be given access since I believeNT Servicenameis only known locally, hence remote access is done asComputerName$.
– Solomon Rutzky
8 hours ago
Yes, it is local. There are no network mapped drives in this.
– WillG
8 hours ago
Sorry for the confusion, I was using C in the title generically. I didn't want anyone assuming it was a network drive just by the title.
– WillG
8 hours ago
Your are spot on, the files are still set to no access. Looking at "View effective access" I can see that the top level folder (G:) has the permissions I set, but none of the files or folders under that inherited the permissions.
– WillG
7 hours ago
add a comment |
I have permissions to the database, I'm dbo. I'm an admin on the server. I have permissions in the file system.
None of that matters, typically. Unless you (or whoever coded the SQLCLR methods) implemented Impersonation, then the security context used for external operations is that of the service account running SQL Server (similar to xp_cmdshell behavior). It is that account that needs permission to the path(s) that you are trying to access.
For the sake of completeness regarding file access permissions:
- For local (on the box) access, it is as simple as either
- the service account (default behavior) for the Database Engine (i.e. MSSQLSERVER or MSSQL$InstanceName) service needing permission, or
- if Impersonation has been implemented in the code
and a the login executing the code is a Windows Login, not a SQL Server login, then it is that Windows account that needs permission
but a SQL Server login is being used, the external access is still done as the Database Engine service account
- For remote access (shared drive), constrained delegation might need to be set up (via Active Directory; including SPNs). Good 'ol Kerberos double-hop issue. In this case, you would see a difference between logging into SQL Server from another computer, other than the server it is running on vs logging directly onto the server running SQL Server and then connecting to the local SQL Server instance.
Keep in mind that "DENY"s take precedence over "GRANT"s (just like with SQL Server permissions).
In order to determine if the account used for external access actually has the necessary permission to the folder(s) and/or file(s):
- Go to the "Properties" of the path in question (the specific file or folder reporting the error)
- Go to the "Security" tab
- Click the "Advanced" button
- Go to the "Effective Access" tab
- Click the "select a user" link
- Enter in the fully account name (e.g.
NT ServiceMSSQLSERVER) - Click the "OK" button
- Click the "View effective access" button
- Does that account have access to that resource?
Are there any DENY permissions anywhere in the path that you are trying to access?
ALSO If all the code is doing is file system stuff, then most likely you don't need to have the assembly marked as UNSAFE and it should instead be EXTERNAL_ACCESS. Not too many file system operations should require UNSAFE. One of them is getting a list of fixed drives, but not sure of what else.
answered 9 hours ago
Solomon RutzkySolomon Rutzky
51k590188
I have permissions to the database, I'm dbo. I'm an admin on the server. I have permissions in the file system.
None of that matters, typically. Unless you (or whoever coded the SQLCLR methods) implemented Impersonation, then the security context used for external operations is that of the service account running SQL Server (similar to xp_cmdshell behavior). It is that account that needs permission to the path(s) that you are trying to access.
For the sake of completeness regarding file access permissions:
- For local (on the box) access, it is as simple as either
- the service account (default behavior) for the Database Engine (i.e. MSSQLSERVER or MSSQL$InstanceName) service needing permission, or
- if Impersonation has been implemented in the code
and a the login executing the code is a Windows Login, not a SQL Server login, then it is that Windows account that needs permission
but a SQL Server login is being used, the external access is still done as the Database Engine service account
- For remote access (shared drive), constrained delegation might need to be set up (via Active Directory; including SPNs). Good 'ol Kerberos double-hop issue. In this case, you would see a difference between logging into SQL Server from another computer, other than the server it is running on vs logging directly onto the server running SQL Server and then connecting to the local SQL Server instance.
Keep in mind that "DENY"s take precedence over "GRANT"s (just like with SQL Server permissions).
In order to determine if the account used for external access actually has the necessary permission to the folder(s) and/or file(s):
- Go to the "Properties" of the path in question (the specific file or folder reporting the error)
- Go to the "Security" tab
- Click the "Advanced" button
- Go to the "Effective Access" tab
- Click the "select a user" link
- Enter in the fully account name (e.g.
NT ServiceMSSQLSERVER) - Click the "OK" button
- Click the "View effective access" button
- Does that account have access to that resource?
Are there any DENY permissions anywhere in the path that you are trying to access?
ALSO If all the code is doing is file system stuff, then most likely you don't need to have the assembly marked as UNSAFE and it should instead be EXTERNAL_ACCESS. Not too many file system operations should require UNSAFE. One of them is getting a list of fixed drives, but not sure of what else.
answered 9 hours ago
Solomon RutzkySolomon Rutzky
51k590188
edited 5 hours ago
answered 9 hours ago
Solomon RutzkySolomon Rutzky
51k590188
answered 9 hours ago
Solomon RutzkySolomon Rutzky
51k590188
answered 9 hours ago
Solomon RutzkySolomon Rutzky
51k590188
51k590188
I've given the service account (NT ServiceMSSQLSERVER in this case) full control of the G drive. Still seeing the same error.
– WillG
8 hours ago
@WillG Is theG:drive local or remote? The title of the question states theC:drive. Is this different between the system that works and the system that doesn't? If this is a remote file share, the computer account might need to be given access since I believeNT Servicenameis only known locally, hence remote access is done asComputerName$.
– Solomon Rutzky
8 hours ago
Yes, it is local. There are no network mapped drives in this.
– WillG
8 hours ago
Sorry for the confusion, I was using C in the title generically. I didn't want anyone assuming it was a network drive just by the title.
– WillG
8 hours ago
Your are spot on, the files are still set to no access. Looking at "View effective access" I can see that the top level folder (G:) has the permissions I set, but none of the files or folders under that inherited the permissions.
– WillG
7 hours ago
add a comment |
I've given the service account (NT ServiceMSSQLSERVER in this case) full control of the G drive. Still seeing the same error.
– WillG
8 hours ago
@WillG Is theG:drive local or remote? The title of the question states theC:drive. Is this different between the system that works and the system that doesn't? If this is a remote file share, the computer account might need to be given access since I believeNT Servicenameis only known locally, hence remote access is done asComputerName$.
– Solomon Rutzky
8 hours ago
Yes, it is local. There are no network mapped drives in this.
– WillG
8 hours ago
Sorry for the confusion, I was using C in the title generically. I didn't want anyone assuming it was a network drive just by the title.
– WillG
8 hours ago
Your are spot on, the files are still set to no access. Looking at "View effective access" I can see that the top level folder (G:) has the permissions I set, but none of the files or folders under that inherited the permissions.
– WillG
7 hours ago
I've given the service account (NT ServiceMSSQLSERVER in this case) full control of the G drive. Still seeing the same error.
– WillG
8 hours ago
I've given the service account (NT ServiceMSSQLSERVER in this case) full control of the G drive. Still seeing the same error.
– WillG
8 hours ago
@WillG Is the
G: drive local or remote? The title of the question states the C: drive. Is this different between the system that works and the system that doesn't? If this is a remote file share, the computer account might need to be given access since I believe NT Servicename is only known locally, hence remote access is done as ComputerName$.– Solomon Rutzky
8 hours ago
@WillG Is the
G: drive local or remote? The title of the question states the C: drive. Is this different between the system that works and the system that doesn't? If this is a remote file share, the computer account might need to be given access since I believe NT Servicename is only known locally, hence remote access is done as ComputerName$.– Solomon Rutzky
8 hours ago
Yes, it is local. There are no network mapped drives in this.
– WillG
8 hours ago
Yes, it is local. There are no network mapped drives in this.
– WillG
8 hours ago
Sorry for the confusion, I was using C in the title generically. I didn't want anyone assuming it was a network drive just by the title.
– WillG
8 hours ago
Sorry for the confusion, I was using C in the title generically. I didn't want anyone assuming it was a network drive just by the title.
– WillG
8 hours ago
Your are spot on, the files are still set to no access. Looking at "View effective access" I can see that the top level folder (G:) has the permissions I set, but none of the files or folders under that inherited the permissions.
– WillG
7 hours ago
Your are spot on, the files are still set to no access. Looking at "View effective access" I can see that the top level folder (G:) has the permissions I set, but none of the files or folders under that inherited the permissions.
– WillG
7 hours ago
add a comment |
Make sure the service account running SQL server has access to those paths.
That's going to be the account actually interacting with the files on disk.
answered 9 hours ago
BradCBradC
6,79763463
add a comment |
Make sure the service account running SQL server has access to those paths.
That's going to be the account actually interacting with the files on disk.
answered 9 hours ago
BradCBradC
6,79763463
add a comment |
Make sure the service account running SQL server has access to those paths.
That's going to be the account actually interacting with the files on disk.
answered 9 hours ago
BradCBradC
6,79763463
Make sure the service account running SQL server has access to those paths.
That's going to be the account actually interacting with the files on disk.
answered 9 hours ago
BradCBradC
6,79763463
edited 9 hours ago
answered 9 hours ago
BradCBradC
6,79763463
answered 9 hours ago
BradCBradC
6,79763463
answered 9 hours ago
BradCBradC
6,79763463
6,79763463
add a comment |
add a comment |
In case that you did all over the ways mentioned above, but it didn't work.
From my experience so far, you may try to open SSMS as Administrator.
answered 3 hours ago
Dat NguyenDat Nguyen
212
Running SSMS "as Administrator" should not have any effect on whether or not SQLCLR code, executed by SQL Server, not by SSMS, has access to the file system. The only exception might be for SQL Server Express LocalDB, as that runs as a user-process and not as a service.
– Solomon Rutzky
3 hours ago
add a comment |
In case that you did all over the ways mentioned above, but it didn't work.
From my experience so far, you may try to open SSMS as Administrator.
answered 3 hours ago
Dat NguyenDat Nguyen
212
Running SSMS "as Administrator" should not have any effect on whether or not SQLCLR code, executed by SQL Server, not by SSMS, has access to the file system. The only exception might be for SQL Server Express LocalDB, as that runs as a user-process and not as a service.
– Solomon Rutzky
3 hours ago
add a comment |
In case that you did all over the ways mentioned above, but it didn't work.
From my experience so far, you may try to open SSMS as Administrator.
answered 3 hours ago
Dat NguyenDat Nguyen
212
In case that you did all over the ways mentioned above, but it didn't work.
From my experience so far, you may try to open SSMS as Administrator.
answered 3 hours ago
Dat NguyenDat Nguyen
212
answered 3 hours ago
Dat NguyenDat Nguyen
212
answered 3 hours ago
Dat NguyenDat Nguyen
212
answered 3 hours ago
Dat NguyenDat Nguyen
212
212
Running SSMS "as Administrator" should not have any effect on whether or not SQLCLR code, executed by SQL Server, not by SSMS, has access to the file system. The only exception might be for SQL Server Express LocalDB, as that runs as a user-process and not as a service.
– Solomon Rutzky
3 hours ago
add a comment |
Running SSMS "as Administrator" should not have any effect on whether or not SQLCLR code, executed by SQL Server, not by SSMS, has access to the file system. The only exception might be for SQL Server Express LocalDB, as that runs as a user-process and not as a service.
– Solomon Rutzky
3 hours ago
Running SSMS "as Administrator" should not have any effect on whether or not SQLCLR code, executed by SQL Server, not by SSMS, has access to the file system. The only exception might be for SQL Server Express LocalDB, as that runs as a user-process and not as a service.
– Solomon Rutzky
3 hours ago
Running SSMS "as Administrator" should not have any effect on whether or not SQLCLR code, executed by SQL Server, not by SSMS, has access to the file system. The only exception might be for SQL Server Express LocalDB, as that runs as a user-process and not as a service.
– Solomon Rutzky
3 hours ago
add a comment |
WillG is a new contributor. Be nice, and check out our Code of Conduct.
WillG is a new contributor. Be nice, and check out our Code of Conduct.
WillG is a new contributor. Be nice, and check out our Code of Conduct.
WillG is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Database Administrators Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f238927%2faccess-to-the-path-c-some-path-is-denied-for-mssql-clr%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Does the CLR code use any type of impersonation?
– Mr.Brownstone
9 hours ago
No impersonation is done.
– WillG
9 hours ago