Francisco Tapia
fhtapia at gmail.com
Thu Mar 10 21:13:50 CST 2005
1) customized SQL logins
What I use is a generic account that double authenticates the user
and password. what this in turn does is, it creates a random uid and
pwd that are passed to the client to use for a one life connection, as
soon as the user disconnects, SQL kills the user and it is as if he
never existed... Internally I am using something I call "Virtual
Users". I generated this because it minimizes generic UIDs that
people want such as ftapia, which is easy to guess, or something like
jsmith. of course there is always the SA account, but we can always
lock that down with extra strong pwds. This also leverages the
ability to login reguardless of OS.
2) roles.
Active Directory is a great tool, and using windows authentication I
see the power of using this setup when you have a diligent DBA and
sysAdmin, in my work environment, this is not the case, so I control
it via roles.
On Thu, 10 Mar 2005 15:14:38 -0500, Arthur Fuller <artful at rogers.com> wrote:
> I would like to take a quick poll on these questions, to get a feel
> (albeit insufficient evidence for objectivity) for what my colleagues do:
>
> 1. Do you use integrated security, or Windows logins + SQL logins?
> 2. Do you use roles, or just users?
>
> TIA,
> Arthur
>
> >
> >
> _______________________________________________
> dba-SQLServer mailing list
> dba-SQLServer at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/dba-sqlserver
> http://www.databaseadvisors.com
>
>
--
-Francisco
http://pcthis.blogspot.com | PC news with out the jargon!
http://sqlthis.blogspot.com | Tsql and More...