Francisco H Tapia
fhtapia at hotmail.com
Wed Apr 30 16:00:37 CDT 2003
Arthur, Per the http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ado270/htm/pg_ado_providers_6.asp TRUSTED CONNECTION, Indicates the user authentication mode. This can be set to Yes or No. The default value is No. If this property is set to Yes, then SQLOLEDB uses Microsoft Windows NT Authentication Mode to authorize user access to the SQL Server database specified by the Location and Datasource property values. If this property is set to No, then SQLOLEDB uses Mixed Mode to authorize user access to the SQL Server database. The SQL Server login and password are specified in the User Id and Password properties. -Francisco http://rcm.netfirms.com On Wednesday, April 30, 2003 1:50 PM [GMT-8], Arthur Fuller <artful at rogers.com> wrote: : That's what I thought, and not what I want. I need the security of : separate windows and sql logins. There's history here that I cannot : simply revise, I have to live with decisions made by others and me : years ago. Even if I were free to make changes in this context, I : remain unconvinced that integrated security is better. All I can see : is simpler. As I see it, even assuming that you can log in, then you : still have to pass another test in order to get anywhere near the : database -- except in the case of Anonymous, who maps to Public. That : looks to me like wearing two condoms :-) : : What precisely does a trusted connection do? Assume that you're cool : and automatically let you into the database? And what does an : untrusted connection do? Assume you're uncool and demand a password : (at either or both the windows and sql levels)? : : Anyway, if SSPI = Windows authentication, I need the alternative: : mixed-mode authentication or whatever its name is (windows login + : sql login). : : My vague game plan was to have a login called Anonymous with no : password and decidely limited privileges. Then the web site can open : the door for anyone. Other logins would correspond to employees, : sales reps and so on, all aggregated into roles defining their : privileges. The BOD could see reports that mere mortals couldn't. My : Access app already does this, but now I need my .NET app to do it :-) : : Arthur : : -----Original Message----- : From: Jim DeMarco [mailto:Jdemarco at hshhp.org] : Sent: April 30, 2003 9:15 AM : To: artful at rogers.com : Subject: RE: [dba-VB] Trusted Connection versus What? : : : I believe that's Windows Authentication. You see this in the M$ : DataLink generated connect string when you create a new data link and : specify Windows NT Integrated Security in the login info section. : Don't know what it stands for though. : : BTW, did a quick search on google and I see it used in .NET connect : strings as well so it does still exist. : : Jim DeMarco : : : _______________________________________________ : dba-SQLServer mailing list : dba-SQLServer at databaseadvisors.com : http://databaseadvisors.com/mailman/listinfo/dba-sqlserver : http://www.databaseadvisors.com