We have created a SS2014 AlwaysOn environment and are doing the pre-live testing. I'm currently testing logins and have found an issue that I need help resolving.Background:Primary serverTwo ReplicasWe use the replicas for specific business groups to query so they don't impact the Primary.I created a login on each server.On the primary, I created the user in a database and granted the user read/write.That permission copied to the replicas.I logged into the primary and was able to see the objects in the database.I logged into one of the replicas and wasn't able to see the database objects unless Public had permission to them (we remove that permission, but I set it on one table for testing).Researching and the 'trial and error' method showed that the issue is the login's SID [code="sql"]SELECT SUSER_SID('testLogin')[/code]The only way I found to get the SID to match, was to drop the login from each replica, and run a new CREATE LOGIN script that uses the SID from the Primary.[code="sql"]DROP LOGIN testLogin;GOCREATE LOGIN testLoginWITH PASSWORD = '**********', SID = <copied SID>;[/code]That worked. I could see all the objects on all the replicas.Sounds like I got the solution, so what's the issue?I have hundreds of logins that need created on each server. Getting the SID for each one from the Primary and creating it on the replicas just isn't efficient. Does anyone have a solution to getting the SID to match on the replicas? The best solution would allow me to create the logins on each server and then synch the SIDs with what is on the Primary.-SQLBill
↧