Using Windows Authentication V/s Mixed Authentication
Dec 18, 2006
Hi,
Say, I have configured my SQL to use Mixed Authentication. Now, I have a applicaiton which uses my SQL Server. The application just creates a database in SQL Server and uses the database to store its information.
This application also has a SYSTEM DSN under ODBC through which it accesses the database. For the application to access this database, should I only use SA (as my SQL instance is configured to use Mixed Authentication) or can I use Windows Authentcation too...
If I should only use SA, do we have a documentation which talks about this.
Hi AllI am trying to switch from Windows to Mixed mode authentication on SQLServer 2000. I am right-clicking the server instance in EnterpriseManager and selecting the correct option from the Security tab.Unfortunately, the change I make does not persist when I click OK. Iget no error message, but when I re-open the server properties, theoption has returned to being Windows authentication.Any ideas?Thanks,Kulgan.
I am trying to create a query that can determine if a user id is using mixed mode/windows/both authentication. I need to do this so that it can run on both sql server 2000 and 2005, meaning I can't use any of the sys.* views. Is there a single query could use for both systems? -Kyle
I folks.I Have installed sql server 2005 express and choosed windowsauthentication on instalation, but i make a mistake and now i needmixed authentication, how can i modify this whithout uninstall andinstall again the application?thanks for the help.
I need to change the authentication mode from 'windows' to mixed, its a 4-node participating in always-on... Will this brake/impact alwayson in any way? I know I have to restart the sql instance.
Hi there,I have installed MS SQL Server 2005 on my machine with windows authentication. But now I want to switch the authentication mode to SQL Authentication. I am unable to switch, I can’t find the proper way to do so here in 2005.Could any one help me in doing this?Thank you,-Ahsan
(Using win2k, sqlserver2k, framework 1.1) I have an fairly data-heavy application that uses Windows authentication (Trusted connection/aspnet account) to connect to Sql Server. The site uses IIS basic authentication.
On the dev server everything works fine but when I move to the live server things get strange and it starts to crawl along. (Pages load OK but then it just crawls as it loads the datagrids etc. Sometimes it brings back incomplete/incorrect data )
BUT When I use Sql Authentication to connect to Sql Server and there is no problem at all!
Ok, there is something obviously wrong with the live server (which is identical setup to dev)but I dont know where to start.
I've got two applications which both have a database on my MS SQL 2000 server. The problem is, one application must use Windows Integrated Authentication (which it is currently using and cannot be changed) whilst the other application which I'm trying to configure must use a SQL password.
Since the server has already been configured to use Windows Integrated Authentication for the existing database and application, how do I configure the other database to use the SQL password?
My work is using a shared application which accesses a MSSQL 2000 database. To access the application, the folder on the Windows 2003 Server is shared and users can access the folder through a shared drive.
For the application to access the database, it uses an ODBC connection to the MSSQL server which originally used the SA password.
We have recently switched to using Windows Integrated Authentication because we believe it offers a higher level of security. However the only way in which we have been able to enable this is to add the windows users to the SQL server.
The problem with this is that the application sets permissions for individual users on what records they can see within the database. We have found that by adding the windows users to the SQL Server, they can bypass the permissions the set by the application by simply using any application that can use an ODBC connection, such as Enterprise Manager, and see all the database.
One way around this would be to set up domains of users with access privileges to the tables which reflect the permissions set by the application, and configuring a view of the data so they may only see the records that they have permissions to. However to do this would require a high administrative cost to ensure that changes made in the application are reflected in the privileges of the SQL server.
Instead, is there a way the SQL server can authenticate that the ODBC connection is coming from the correct application using Windows Integrated Authentication?
This would allow the applcation to determine security, and stop users from connecting to the SQL server using other applications.
Alternatively, can the SQL server, using Windows Integrated Authentication, also ask the application to supply a username and password?
Any help with this matter would be greatly appreciated.
In the scenario where you are installing MSDE/SQL Server at a customer site (not your own) is this true:
Assuming the customer has a (Windows) login with admin rights (or is a member of the admins group) over the PC which the server was installed on, there is no way of locking the customer out of any part of the SQL Server installation and its databases as Mixed Authentication (which you can't turn off) will always allow members of the (Windows) admins group to also be a member of the SQL Server admins group???
Hi All,We have started to get the strangest errors with our SQL Server. We useWindows and SQL Server authentication, and have done successfully forthe last year or so. However last week i had trouble connecting to theenterprise manager with my domain credentials. Users connecting to QueryAnalyser have no problems when using their SQL Server logins, the issueonly seems to arrise when a Domain account is provided forauthentication. If we reboot the server all is well for about 1 - 2hours and then we loose the Domain credentials again. Even SQL Agentfails to work when stated with the DOMAINAdministrator account!As i said this has worked for a long time, and we have not made anychanges to the Domain or installed any patches for any of the servers.The error messages normally involve something along the lines of "NoUser 'NULL' blah blah" and "No Trusted SQL Server". We also have anexcel report that is failing with the SQL Server error number 18452. Ihave looked this up on MSDN, and this seems to fall in to the samecategory as our other errors.Any Ideas?We can't reboot the server every 2 hours!*** Sent via Developersdex http://www.developersdex.com ***Don't just participate in USENET...get rewarded for it!
For using different services of SQL SERVER 2005 which is better... Windows Authentication or SQL Server Authentication? what are the advantages and disadvantages of both?
I would like to set 'SQL Server and Windows Authentication mode' of Sql Server 2005 so when user connects to Server he must supply username and password. Here are steps I make :
1. Open Microsoft SQL ServerManagement Studio Express 2. In Object Explorer right click on first (Server) node 3. Select 'Properties' 4. Select Page 'Security' 5. set 'Server authentication' to 'SQL Server and Windows Authentication mode' 6. press OK 7. in popup window fill password ******** and press OK 8. get error message ''operation is not valid due to the current state of the object. (Microsoft.SqlServer.Express.SqlManagerUI)
First post, so greetings!I've been using ASP.NET 2 authentication from an MS SQL 2k5 database now in the web application for my company's customer accounts (file serving, custom webreports, etc). There is currently no support for employees through this web app, but in our plan to go paperless it's become of interest to let the employees access much of their information through the same web portal. The catch is, I'd rather not make them have to use two accounts (one for their domain authentication and one for their web authentication). It's already taken a lot of conditioning to get them to memorize a single username and password.So what I really need is the single Login.aspx page to accept both ASP.NET logins and Domain digest logins, and the Domain digest login needs to be HTTP based (not named pipes). Is this possible at all, and if so, is it possible without making an isapi filter? After all, Microsoft Office Outlook Web Access is served by the exchange server and accepts active directory passwords. So how could I do authentication in this way, and if so, is it possible to have the Outlook Web Access form be accessible from the same session as that of my web server? Thanks, I surely hope someone can help. . . -Brandon
I wonder if it is possible to set forms authentication for report manager but leave report server "as it is". I need to authenticate users from external LDAP and can't use windows authentication for report manager, but I would also like to leave report server open for anonymous users. In that way authenticated administrators could create reports which anonymous users could read.
I tested the Security Extension Sample and got it working when I rewrote the authentication part with my own LDAP authentication.
If I have understood correctly, the report manager is just application inside report server so is it possible to use forms authentication with one application but still leave the report server with Windows authentication?
I need help changing the authentication mode from Windows Authentication to Mixed Mode (for Project Server 2003). I am unable to find the Enterprise Management area. Evidently in this area, I can make this change. Is this the place to make these changes, or is there a better place? I am a novice, only days into this process. I need to setup a Project Server, and it needs Sql to breathe. Please help me!!
I am in the process of rolling out a sql server 2005 enterprise install and had a question regarding authentication. We will be providing sql hosting for a number of groups on our campus, many who are not using our campus-wide active directory, though they all have an AD account.
Windows authentication via the management studio appears to use your AD authentication tokens and will not allow them to enter a username/password combo. Is there any way to configure this?
I would like to use our campus AD for obvious reasons but if there is a requirement for passing tokens this isn't going to work right? It's also going to make database mirroring more of a challenge.
I just upgraded from Windows XP Pro to Windows Vista Bussiness and tried to reinstall SQL Server 2005 Developers Edition. After the installation i downloaded (using microsoft windows update) and installed all the service packs for sql and vista available.
My problem is when i open sql server management studio and try to connect to my default instance using windows authentication and database engine, an 18456 error occurs.
I enabled all the protocols and all the ports I disabled windows firewall and antivirus (eset nod32) I installed all service packs available I have also installed Visual Studio 2005 without installing sqlexpress
But nothing happens!
Please i am very desperate, any information will be gratefully accepted.
This is my installation Information
Code Snippet
Microsoft SQL Server Management Studio 9.00.3042.00 Microsoft Analysis Services Client Tools 2005.090.3042.00 Microsoft Data Access Components (MDAC) 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft MSXML 3.0 5.0 6.0 Microsoft Internet Explorer 7.0.6001.18000 Microsoft .NET Framework 2.0.50727.1434 Operating System 6.0.6001
I am trying to setup cached reports so that one of my larger reports doesn't have to be re-run every time someone wants to view it (the data source only updates every 24 hours).
Anyway I made a new data source, set the report to use that, and in that data source I said to use "SQLexampleUserName" as the stored credentials.
Now when I go to run the report it says: Login failed for user 'username'. The user is not associated with a trusted SQL Server connection.
My SQLExpress seems to be set for windows authentication and not sql server authentication ... I am not quite sure why it is set to windows authentication - I installed this with Visual Studio 2005 and it just seemed to be set that way.Am I able to change this - if I choose sql authentication when connecting I get an errorIf someone could answer this point I would be most grateful !!Patrick
In an effort to eliminate the need to code accounts and passwords into the VB Com calling stored procedures, I would like to use Windows Authentication. I have setup the account that the com is running under to have access to the database. How does this change my connection string. Do I just drop the account and password parameters or do I need to let it know somehow that I want to use Windows Authentication?
I'm having problems with windows authentication. I'm new to using using Microsoft SQL Server. I just migrated from powerbuilder 8 to powerbuilder 10. I'm using OLE DB and can't get the windows authentication to work within the application. Can anyone help....
Hi, I am wondering that do we need to create the separate login at SQL SERVER (server) for all the user using the application for the windows authentication?
How do the windows authentication works? I have a apllication and SQL SERVER (SERVER) running on the same machine. Any user from the same domain can access the application. Application is interacting with the DB through Windows Authentication. Now my question is whether do we need to authenticate each user from the domain at the DB level. That is to craete the login id for all the user for windows authentication.
I remove the windows authentication from enterprise manager. and Now i want to re-assign the the windows authentication . so can i do it from query analyzer.
Hi all,You're all stars, really helpful. Maybe one day i can be :)My question is regarding the authentication in Windows SQL Server 2005.We have setup a sa account. We purchase software from a third partythat runs on it. Before their software logs on the sql server as sa,and does its own access control, windows autentication takes over. Itslogs users on correctly i guess, using a more secure link via thedomain. However, I am probably blind, but where can we assign rights toeach domain user? I.e. stop XXY dropping tables, but allow ABC to droptables?I had a brief look through but could not find anything that stood out,in the SQL Manager.ThanksDavidP.S This is SQL Server 2005 Workgroup edition running on a 2003 windowsdomain server. Alongside a SQL 2000 server, which is running fine usingsa accounts.For those in the same timezones as me... have a good evening.
Hi! Happy New Year!I'm having windows authetication connection problem. Although I cansee all the servers by using SQL Server authentication conncection, Ican see only some of the SQL family servers by using windowsauthentication connection. I checked the servers' properties of that Ican and can't see, but couldn't find any difference. Can someone giveme a direction that will enable me to debugg?If the servers are not in the same domain, how can I see them (windowsauthentication) from the same PC (client)?For some SQL server I even can not login via windows authentication atterminal server. Is any specific setup I should do at server?Thanks!Saiyou