Site Sections
Posts
49
Comments
83
Trackbacks
0
January 2009 Entries
Enabling Wireless Network in Windows Server 2008

I don't have any post relating to how I get to know computers in general and why I choose a career in software development, in fact I needed to do that, since I need to continue a meme that a friend of mine forwarded to me.  I'll try to do that sometime later, but suffice to say that it's quite lengthy.  Because of my (yet to posted) background, I usually install stuff myself and fiddle quite a bit with computers by myself.

I had installed quite a bit of Windows-based Microsoft OS, from Windows 95 beta thru Vista; and it is getting easier to do these installations due to the ability to virtualize stuff, so you don't need to have the physical hardware for it.  I wanted to try out the VS2010 CTP a couple of months back, so I decided to install Windows Server 2008 to my laptop, since I'd like to be able to run VS2010 with multiple processors thru 2008's Hypervisor.  I didn't think I'd hit much snags, but I got confused when trying to set up the wireless connection.

Once the OS is installed, I went to Device Manager to install the driver for the wireless card; everything went fine.  So, I then tried to Connect to Network - the dialog only shows that Windows can't find any network. 

Going thru the Set up a connection or network, eventually brought me back to this same dialog.  I was very confused, and reading the help didn't enlighten me any.

One of the reason this situation occur is because I'm actually installing on a physical PC; my installs in the past 2 years have been in Virtual PCs - which meant all network connection are essentially bridged from the guest OS, thus the VPC system will have its Network (the ethernet network by default, not wireless) to use its host OS network connection.  I remembered when installting Vista & XP on a physical PC, wireless almost always work after the driver is installed.  What's going on here?

On a new Windows Server 2008 install, when you log in, there's this Initial Configuration Task window that shows up; I looked there and near the bottom there's this mention of Adding Features. 

I clicked it and to my surprise, the last entry is about Wireless Configuration.  I promptly installed it.

With it installed, now the dialog display the list of wireless networks that the computer detects.  So I clicked on mine and tried to connect; it fails, just saying that Windows can't connect; the diagnostic dialog didn't really help either. 

The wireless setup is also different than the ones I remember in XP - in XP, I would usually just set up my wireless connection manually.  How would I do that in Server 2008?

That option is available in the Network and Sharing Center, thru the option of Manage Wireless Networks.  It took me awhile to look for this, since before installing Wireless configuration, that option wasn't available, so I didn't start looking there.

 

With that option, I went thru setting up a connection profile manually; even though the dialogs are different, but the information requested is much more familiar to me.  After successfully adding my network, I tried to connect to it again - which still fails.

At this point, since I know my wireless network setup, it's a matter of changing properties of my network profile.  I have a pretty weird setup, where I set my 'Network Authentication' to Shared, the default is Open, and will cause any attempt to connect to my wireless network to fail.  At least I know that's the problem because I've been stumped by that before.  Switching this, makes everything work again.

Moral of the story:
1. Always know your wireless network settings, especially ones that are different than typical defaults and cause connection issues.  This is a no brainer - if you don't know what you're doing, prepare to spend lots of time experimenting the first time around.
2. Playing with Virtual PCs is nice; however you eventually have to do a physical installation to gain experience because that's where sometimes things behave differently than installing in Virtual PCs.
3. Windows evolve over time; can't expect your past knowledge to fully support your current need - some things do change.
4. With the opt-in approach, Server 2008 does NOT install wireless support out of the box.  Even though it makes sense to some extent (most servers don't really have wireless NICs, they have physical gigabit NICs), but in this case it held up my experiment for an extra half hour.

Another tip: I usually set up my SSID to not be broadcast; and Windows Server 2008 will show an Unnamed Network in its list. 

It's a good thing when I installed Server 2008, I decided to make it be broadcast, to make things easier to set up, since I know it's usually something that causes problems.  Ubuntu for instance (at least in my installation a couple of months back) can't connect to a non-SSID broadcasting wireless network.  Unfortunately, when I then made this change (switch my router to not broadcast SSID anymore), Windows Server 2008 refuses to automatically connect to my wireless network when I rebooted the machine.

My hypothesis of this behavior is that Windows will scan available networks, can't find the one with any of the names of wireless network profiles that are set up and then fails there.  I know for sure Vista & XP doesn't behave like this, so whether this is because it's a Server OS, thus the behavior differs, or maybe it's related to my particular wireless card's driver or something else it's a possibilitiy.  The image below shows the list of wireless network profiles I've set.

The only way I can get this to connect automatically (when I have my router to not broadcast SSID) is to change the profile's setting to try to connect even when it's not broadcasting. 

I think it's a security hazard, so I usually just change this setting manually (which will allow the system to connect to my unbroadcast SSID network) then change it back.

posted @ Friday, January 30, 2009 7:13 AM | Feedback (12)
SQL 2005 Delegation of Windows Account (How to access file across network from SQL Server)

A fellow peer was looking at an error when trying to configure another developer's database.  All of us are working on the same application, but our install doesn't seem to be working correctly, which causes the DB to not be properly installed, thus this guy is trying to configure it manually.  We are using SQL 2005 (either Express or the regular versions) for our DB servers.

He's using SQL Management Studio, logged in using Windows Authentication and was trying to bulk insert some records (BULK INSERT sometable FROM '\\servername\share name\path\file.ext')and came up with the error:

Cannot bulk load because the file "\\servername\share name\path\file.ext" could not be opened. Operating system error code 5(Access is denied.).

The connection setup that causes the above error is as depicted below:

We're sure that this is because of security, because the same operation worked when we tried it on the database running on the local machine.  Trying to bulk insert from a file in the SQL Server's local drive also works, so we tried figuring out how to solve it.  Spending some 20 minutes fiddling around (we changed the SQL Server's service to use a domain account, we tried sharing on a different computer, etc.) wasn't fruitful.  My interest was piqued enough where I promised myself I need to find out why.

I got some answers to that; per SQL Books Online - as delineated in the Security Considerations sub heading - apparently the SQL security profile used to execute is different whether you're logging in to it as a Windows Authenticated user, or as a SQL user.  If you're connecting to SQL Server as a SQL user, it will use the SQL Server process account security profile; if you're connecting as a Windows Authenticated user, it'll use that Windows' user security profile.  However, it is only valid for that particular SQL Server only.

In the diagram above, if the client connects using SQL user login, then when executing the BULK INSERT statement it will use the SQL Server process account.  In most typical development deployment, this would be NETWORK SERVICE; if the file accessed resides in a typical network share (administered by MIS), most of the time this will result in access denied.  This is because the share has most users/groups to have access, but not Everyone and developer's machines are usually not added as well.  You can simulate this by creating a share locally and if you only add specific users, the SQL statement would fail.

If the client connects using Windows Authentication, then when executing the BULK INSERT statement it will use that particular Windows user's security profile.  However, the security profile is only used IF the statement only operates on the local computer.  Based on the diagram above, the file resides on another server in the network, thus the BULK INSERT statement will still fail.  To have the security credentials to be forwarded, the system has to be configured for Delegation / Impersonation, which needs to be done at the Active Directory level.  Since I don't have a local test domain, I can't quite test this, but the steps to do this is depicted at this blog.  It's pretty involving; since I don't quite specialize in DB, I'm trusting the procedure will work .

I hope this helps others; it doesn't quite help in our case, but researching this allows me to better understand how and why this problem occurs.  At least I have an answer to our client if someone hits this.

As another tip (at least for me), there's this nice xp_cmdshell stored procedure that we use to see if we can access the network directories from the server side.  It's essentially a sproc that allows executing typical command prompts command - so we use it simply by entering: EXEC xp_cmdshell 'dir \\servername\sharename' and it allows us to see immediately whether the system can see that directory or not.

posted @ Monday, January 12, 2009 12:17 PM | Feedback (1)
Archives
Post Categories
News