I cannot change sql server user. How can I restrict in SSMS to allow remote connections only specific IP / HostAddress.
How to restrict in SSMS to allow remote connections only specific IP / Host
ssms
Related Solutions
Using SSMS, register the servers you're interested in and group them in a folder. Then you can connect to them all at once like this:
You should not need to specify the port for a named instance (that's kind of the point of the name - and since it's dynamic you won't want to hard-code a port into your connection strings etc. unless you want to change your config files every time the port changes). Try connecting to:
123.123.123.123\SQLEXPRESS
Also make sure that your server is exposed to the Internet on that port (firewalls may be preventing this) and that the SQL Browser service is running.
PS Ping means nothing. You need to try to telnet to the port that SQL Server is exposed on.
Related Question
- SQL Server 2012 – Connection Issues with OSQL and SQLCMD but Not SSMS
- How to Backup SQL Server Database After Evaluation Period Expires
- Sql-server – How to restrict SSMS to list the database of a particular user (Windows 2012 + Plesk)
- Sql-server – Allow user to create databases on server and to see only the databases that are created by him, without creating login first
Best Answer
SSMS is only a tool that connects to a SQL Server instance. SQL Server listens on a specific IP address for connections. It doesn't really care which tool is connecting.
SQL Server is not like PostgreSQL that has a
pg_hba.confwhere you can restrict connections, nor is it MySQL where you assign permissions to auser@sourcecombination when creating the user login.Answer
It's not currently possible by using simple means (PostgreSQL, MySQL), but if you are willing to start creating Logon Triggers (Microsoft Docs), then you might be able to build a restriction that meets your requirements.
The SQL Syntax for triggers can be found in the article CREATE TRIGGER (Transact-SQL) (Microsoft Docs). The article lists an example for a Logon Trigger.
Because your requirements are pretty dire, I am unable to provide a solid solution. Please edit your question and provide as much details as possible.
USE master GO CREATE LOGIN login_test WITH PASSWORD = 'password' MUST_CHANGE, CHECK_EXPIRATION = ON GO GRANT VIEW SERVER STATE TO login_test GO CREATE TRIGGER connection_limit_trigger ON ALL SERVER WITH EXECUTE AS 'login_test' FOR LOGON AS BEGIN IF ORIGINAL_LOGIN()= 'login_test' AND (SELECT COUNT(*) FROM sys.dm_exec_sessions WHERE is_user_process = 1 AND original_login_name = 'login_test') > 3 ROLLBACK ENDAlternative
You could equally create a blocking firewall rule or hack the routing table on the server / network.