about autentisering
Tony Johansson
I have two questions
I just wonder if I use window autentisering for a SQL server on a server
where I can log in to
how can SQL Server let me do so. I assume that SQL Server will not insert
any kind of window account into the SQL Server database. So I can't
understand how SQL Server can use my window account to give me permission to
use SQL Server
Which autentisering is most safe between Window autentisering and SQL
autentisering.
I assume the right answer is SQL autentisering because that you must have an
account in the SQL server database?
//Tony
Erland Sommarskog
they use in this newsgroup. :-)
To be able to log in with Windows authentication, your Windows account
must have been granted access to SQL Server. This can be done in two
ways: directly, or indirectly through a Windows group of which you are
a member. This can be very practical, as user membership then only needs
to be administered in Active Directory.
Note also that to be able to access a certain database, you need to be
granted access to the database, which again can be done per Windows
login or per Windows group.
Windows authentication is generally considered more secure than SQL
authentication. This is particularly true for SQL 2000 and earlier versions
where the password was sent over the wire in a fashion that was fairly
simple to eavesdrop. Furthermore SQL 2000 had no protection whatsoever
against brute-force attacks.
The situation in SQL 2005 is better, but Windows authentication is still
seen as preferrable. SQL authentication should mainly be used when Windows
authentication is difficult to get to work, for instance in a workgroup or
if you need to accept users from a non-trusted domain.
--
Erland Sommarskog, SQL Server MVP, esq...@sommarskog.se
Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx
Tony Johansson
Where do I grant a Window account access to SQL Server.
Is this done in the SQL Server or in windows.
//Tony
"Erland Sommarskog" <esq...@sommarskog.se> skrev i meddelandet
news:Xns9CC89A6FA...@127.0.0.1...
Erland Sommarskog
> Where do I grant a Window account access to SQL Server.
> Is this done in the SQL Server or in windows.
Look up the syntax for CREATE LOGIN in Books Online.
--
Erland Sommarskog, SQL Server MVP, esq...@sommarskog.se
Links for SQL Server Books Online:
SQL 2008: http://msdn.microsoft.com/en-us/sqlserver/cc514207.aspx
SQL 2005: http://msdn.microsoft.com/en-us/sqlserver/bb895970.aspx
SQL 2000: http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx
Tony Johansson
account then I must use SQL authentication
Is that correct understood ?
//Tony
"Erland Sommarskog" <esq...@sommarskog.se> skrev i meddelandet
news:Xns9CC8F1A2A...@127.0.0.1...
Abba
"Tony Johansson" <johansson...@telia.com> wrote in message
news:acuNm.12914$U5.1...@newsb.telia.net...
Erland Sommarskog
> If there is a server that I can't log in to because I don't have a windows
> account then I must use SQL authentication
> Is that correct understood ?
But it is correct, that you cannot always use Windows authentication. For
instance, if you are logged into Windows as THISDOMAIN\Tony, and the
server is in OTHERDOMAIN and there is no trust between the domains. In
this case, you canont log using Windows authentication, even if
THISDOMAIN\Tony is a valid login in that server, but an SQL login is
the only option.
--
Erland Sommarskog, SQL Server MVP, esq...@sommarskog.se
Books Online for SQL Server 2005 at