Hi,

I am having difficulties in creating an assembly in a user database.

I am using an SQL login that is a db_owner of a database. The assembly has
PERMISSION_SET = EXTERNAL_ACCESS.

The first attempt gave these 2 messages:-

Error 1:  Msg 6585, Level 16, State 1, Line 2

Could not impersonate the client during assembly file operation.



Error 2:  Msg 300, Level 14, State 1, Line 2

EXTERNAL ACCESS ASSEMBLY permission denied on object 'server', database
'master'.

I then gave External Access Assemblies permission. This took away the 2nd
message but not the

Error 1:  Msg 6585, Level 16, State 1, Line 2



Does the SQL Login have to be a sysadmin to do this?

Thanks

Chris

Hello Chris,

In a word, yes. You also need the right rights to read the DLL from the source
location (eg, a DACL for the account that windows is running under IIRC).

If you didn't ALTER DATABASE with SET TRUSTWORTHY on, you'll need to do the
"Safety Dance" too. See [0] for more information on that.

[0]: http://www.sqljunkies.com/WebLog/ktegels/articles/SigningSQLCLRAssemblies.aspx

Thank you,
Kent Tegels
DevelopMentor
http://staff.develop.com/ktegels/

Kent,

I forgot to mention that I did alter the user db to set TRUSTWORTHY ON. I
still get the 1st message

Msg 6585, Level 16, State 1, Line 2
Could not impersonate the client during assembly file operation.

BOL talks a lot about the Windows Account. Does this message mean Windows
permissions to the actual DLL?

Chris

Show quote

Hide quote

Hello Chris,

Yes, that's what that means.

Thank you,
Kent Tegels
DevelopMentor
http://staff.develop.com/ktegels/

Kent,

I have the DLL on my workstation. Do I need to have the DLL on the server
and have the authority on the server?

Thanks

Chris

Show quote

Hide quote

Hello Chris,

Well, what you need to have is a way for you to read that file from your
client from the server. I'm guessing at the moment that there's probably
a firewall between you and the server, right? Or can you simply not logon
that Windows Server on which the SQL Server instance is running?

Is there a particular reason you're not using Visual Studio to deploy here?
The reason that I ask is that it issues the create assembly command with
a binary serialization of the assembly, so there's no reason to "read the
file" from your machine. You can see it doing this with SQL profiler.

If nothing else, deploy the assembly to a local SQL Server, then use management
studio to script the assembly out to .SQL file. You could then run that file
on the remote server since the script will have the assembly inline as a
byte stream.

Thank you,
Kent Tegels
DevelopMentor
http://staff.develop.com/ktegels/

Exception trying to import data from Excel .
SQL Server 2005: Error 14258...SQL Server Agent is starting
Tools with/for Express
behavior of command in the 'SQL Query Analyzer'
Sql 2000 Maintenance Plan not deleting old transaction logs