Wrox Programmer Forums
Go Back   Wrox Programmer Forums > SQL Server > SQL Server 2000 > SQL Server 2000
SQL Server 2000 General discussion of Microsoft SQL Server -- for topics that don't fit in one of the more specific SQL Server forums. version 2000 only. There's a new forum for SQL Server 2005.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the SQL Server 2000 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
Old June 16th, 2003, 10:29 AM
Authorized User
Join Date: Jun 2003
Posts: 15
Thanks: 0
Thanked 0 Times in 0 Posts
Default Confused about NT Integrated Security

I am running an Access project (.adp) against a SQL Server 2000 database. I have setup users and roles so that my users cannot inadvertently delete important server objects (like entire tables). When I setup my Access front end on their machines I choose the username/password security option from the Connection menu. My problem is that I realized that if I were a user on these machines I could just go into the Connection menu and change the security to Windows NT integrated and have full access to do whatever I want in the db.
How are integrated security permissions handled? Are they treated differently than username/password? Where is the username password in the NT scheme? Is it the windows login? We have Novell running as well that has it's own login, could this be confusing things?
This is my first foray into trying to secure anything computer-related and it's a fairly extensive topic. I could use any help?
Thanks in advance.
Old June 16th, 2003, 12:20 PM
Friend of Wrox
Join Date: Jun 2003
Posts: 839
Thanks: 0
Thanked 1 Time in 1 Post

quote:Originally posted by VBAHole22
 My problem is that I realized that if I were a user on these machines I could just go into the Connection menu and change the security to Windows NT integrated and have full access to do whatever I want in the db.

Windows Integrated Security simply means that a user attempting to connect to a SQL Server database does not supply an explicit username and password; instead, the server obtains the user's NT logon account information and uses that to validate access to the server and/or database. If that NT username is not an authorized user of the server and database, or if the user is not a member of a NT user group which is authorized access to the server or database, the user will not be granted access.

The difference between the two modes is whether SQL Server maintains the UserName and Password internally and validates a user presenting a UserName/Password against that information, or whether the server obtains the connecting user's NT user account information and validates using that.

In either case, you must define the level of access granted to the UserName (or optionally, in the case of Integrated Security, the group it is in).

You still have complete control over which databases and what kind of access to grant, since you must still set up the UserName as a valid user in SQL Server in either case. With Integrated Security, though, you can instead manage users at the group level. Thus users can be added or deleted simply by adding or removing them from the NT login group, without having to go to the Server at all to manage the accounts.

Jeff Mason
Custom Apps, Inc.

Similar Threads
Thread Thread Starter Forum Replies Last Post
Code Access Security & Role Based Security robzyc C# 6 April 11th, 2008 02:31 AM
Integrated Security using Active Directory aldwinenriquez .NET Framework 2.0 1 May 4th, 2007 07:15 AM
confused mohabedalgani VB.NET 2002/2003 Basics 3 March 30th, 2005 11:48 PM
Windows Integrated Security with Java Servlets tbpbanit01 Servlets 0 March 24th, 2004 08:57 AM
Windows Integrated Security Problem lbob Classic ASP Databases 4 August 8th, 2003 07:44 AM

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.