|
|
 |
BOOK: Professional SQL Server 2000 Programming  | This is the forum to discuss the Wrox book Professional SQL Server 2000 Programming by Robert Vieira; ISBN: 9780764543791 |
|
Welcome to the p2p.wrox.com Forums.
You are currently viewing the BOOK: Professional SQL Server 2000 Programming section of the Wrox p2p Programmer to Programmer discussion community. This is a community of more than 40,000 computer programmers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining our free Wrox p2p community you can post your own programming questions and respond to other programmers’ questions. Registered users also don't have to see the ads that are displayed to guests. Registration is fast, simple and absolutely free so please, join today!
Join today and post to win prizes! Post more to increase your chances of being Wrox’s top poster of the month.
|
 |
March 4th, 2009, 08:02 AM
|
|
Authorized User
|
|
Join Date: Jan 2007
Location: , , United Kingdom.
Posts: 31
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
User Authentication Best Practice
I have created several Sql 2000 Db's over the last year accessed through an Access Front End. In the past I have authenticated Users with SQL Login Accounts.
However as with happens when more people use the systems, I am getting a large number of calls requesting support.
The biggest is resetting User's Passwords. I have hit a brick wall when trying to reset a Users Password through an ADO Connection using the SP_Password Stored Procedure.
I am now wondering whether I should really have a seperate SQL Table containing UserNames / Encrypted Passwords, and move away from SQL Server Authentication.
Added to this is the fact that Users at the moment are members of SQL Groups defining what they can and can't do.
I'd just be interested in other peoples take....
Cheers
|
March 5th, 2009, 04:33 AM
|
|
Registered User
|
|
Join Date: Feb 2009
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Re: User Authentication Best Practice
Hi,
The best practice for User Authentication when working with SQL Server is Windows Authentication.
This will reduce your Administration overhead. So the best thing would be add these sql authenticated users to a Windows Group, say your AppUsersGroup that is currently accessing SQL Server.
1) Now open up Enterprise Manager, navigate to the Security Folder and under Logins choose new Login.
2) Now under the login name, choose Search, you can add members from the Active Directory
3) Now your users will be authenticated to SQL Server via Windows Authentication.
Hope this helps
Cheers!
Anil Mahadev
Senior SQL Server DBA
MISPL
http://anilm001.myfreewebs.net
http://www.sqlserverclub.com
http://www.sqlpass.ch
http://www.sqlpass.org |
March 5th, 2009, 06:04 AM
|
|
Authorized User
|
|
Join Date: Jan 2007
Location: , , United Kingdom.
Posts: 31
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Thanks for getting back to me.
I appreciate your answer but feel you are removing a layer of security that I need.
I want the User to logon through the Front End with a seperate account.
|
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|
