[AccessD] Using Windows Authentication with Access/SQL Apps

Dan Waters dwaters at usinternet.com
Tue Nov 25 20:21:38 CST 2008


Hi Stuart,

My customer has set up an Admin group and a Users group for this app, so
we'll be able to preclude administrative changes by a regular user.  But
I'll remind my Admins to keep this in mind.

Thanks!
Dan

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Stuart McLachlan
Sent: Tuesday, November 25, 2008 5:51 PM
To: Access Developers discussion and problem solving
Subject: Re: [AccessD] Using Windows Authentication with Access/SQL Apps

I tend to disagree.  

If the system is designed properly, the database is never "at the mercy of"
users, whether 
they are using SQL Server or Windows authentication to access the data.  

If it is not designed properly,  adding an additional login step is unlikely
to do much for your 
security.

Setting up your system to allow both authentication methods is the key here.

In Dan's case "mostly just so the database knows who is logging in" -
Windows 
Authentication is the easiest for the users. Just make sure than these
accounts don't have a 
lot of power and that any power users/groups are still managed by SQL Server
authenticated 
accounts. 

-- 
Stuart

On 25 Nov 2008 at 14:11, Charlotte Foust wrote:

> If your client has an IT department, they are currently screaming bloody
> murder over that idea.  It means you're leaving your SQL Server database
> at the mercy of any user who logs onto windows and then goes for a long
> coffee break leaving someone else to poke around in their machine.
> 
> Charlotte Foust 
> 
> -----Original Message-----
> From: accessd-bounces at databaseadvisors.com
> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Dan Waters
> Sent: Tuesday, November 25, 2008 9:58 AM
> To: 'Access Developers discussion and problem solving'
> Subject: [AccessD] Using Windows Authentication with Access/SQL Apps
> 
> I'm working on upsizing one of my customers to SQL.  They have asked if
> we could eliminate the Access workgroup username and password login that
> I currently use (mostly just so the database knows who is logging in).
> 
> With SQL using Windows Authentication, my Access app could simply pick
> up on the current username and go from there, without going through an
> additional username and password entry.
> 
> Has anyone done this?  Any pros, cons, or gotchas?
> 
> Thanks!
> Dan
> 
> 
> 
> 
> --
> AccessD mailing list
> AccessD at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/accessd
> Website: http://www.databaseadvisors.com
> 
> -- 
> AccessD mailing list
> AccessD at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/accessd
> Website: http://www.databaseadvisors.com


-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com




More information about the AccessD mailing list