Wrox Programmer Forums
|
BOOK: Professional SQL Server 2000 Programming
This is the forum to discuss the Wrox book Professional SQL Server 2000 Programming by Robert Vieira; ISBN: 9780764543791
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Professional SQL Server 2000 Programming section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old March 4th, 2009, 08:02 AM
Authorized User
  
Join Date: Jan 2007
Posts: 31
Thanks: 0
Thanked 0 Times in 0 Posts
Default User Authentication Best Practice
I have created several Sql 2000 Db's over the last year accessed through an Access Front End. In the past I have authenticated Users with SQL Login Accounts.

However as with happens when more people use the systems, I am getting a large number of calls requesting support.

The biggest is resetting User's Passwords. I have hit a brick wall when trying to reset a Users Password through an ADO Connection using the SP_Password Stored Procedure.

I am now wondering whether I should really have a seperate SQL Table containing UserNames / Encrypted Passwords, and move away from SQL Server Authentication.

Added to this is the fact that Users at the moment are members of SQL Groups defining what they can and can't do.

I'd just be interested in other peoples take....


Cheers
 
Old March 5th, 2009, 04:33 AM
Registered User
  
Join Date: Feb 2009
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Cool Re: User Authentication Best Practice
Hi,

The best practice for User Authentication when working with SQL Server is Windows Authentication.

This will reduce your Administration overhead. So the best thing would be add these sql authenticated users to a Windows Group, say your AppUsersGroup that is currently accessing SQL Server.

1) Now open up Enterprise Manager, navigate to the Security Folder and under Logins choose new Login.

2) Now under the login name, choose Search, you can add members from the Active Directory

3) Now your users will be authenticated to SQL Server via Windows Authentication.

Hope this helps

Cheers!

Anil Mahadev
Senior SQL Server DBA
MISPL

http://anilm001.myfreewebs.net
http://www.sqlserverclub.com
http://www.sqlpass.ch
http://www.sqlpass.org
 
Old March 5th, 2009, 06:04 AM
Authorized User
  
Join Date: Jan 2007
Posts: 31
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Thanks for getting back to me.

I appreciate your answer but feel you are removing a layer of security that I need.

I want the User to logon through the Front End with a seperate account.





Similar Threads
Thread Thread Starter Forum Replies Last Post
How to get user name from windows authentication? su C# 1 December 9th, 2006 02:58 AM
user authentication pablohoney Classic ASP Basics 0 October 1st, 2006 11:07 PM
User Authentication Err rizoriz Classic ASP Databases 0 April 23rd, 2006 07:42 AM
User authentication problems bobbby Dreamweaver (all versions) 4 September 28th, 2004 12:46 AM
User Authentication gmoney060 BOOK: Beginning ASP 3.0 1 June 16th, 2004 07:24 AM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.