John W. Colby
jwcolby at colbyconsulting.com
Tue Nov 23 06:17:29 CST 2004
Andrew, You are right, sql server authentication "in the meantime" is becoming the obvious answer. John W. Colby www.ColbyConsulting.com Contribute your unused CPU cycles to a good cause: http://folding.stanford.edu/ -----Original Message----- From: dba-sqlserver-bounces at databaseadvisors.com [mailto:dba-sqlserver-bounces at databaseadvisors.com] On Behalf Of Haslett, Andrew Sent: Tuesday, November 23, 2004 12:07 AM To: 'dba-sqlserver at databaseadvisors.com' Subject: RE: [dba-SQLServer] Back to the login thing Fair enough. However, despite what you've read, I wouldn't say SQL Authentication is *insecure* - well, its definitely no worse than entering a username / password on a website which I'm sure you do from time to time.. You still neet to get access *through firewall and NAT* to the network that the server is on (which is currently your LAN) and *then* guess a username and password for an account on SQL, which *then* must have the necessary privileges to do any harm to the server. And to be honest, if your LAN is compromised, odds are the administrator account will be hacked anyway, giving the user access to the SQL server whether you're using Windows or SQL authentication. Anyway, I'm assuming that whatever the final product, its not going to remain on your home LAN is it? What I'm getting at, is that once its finished, an entirely new security model will need to be implemeted on the server that it will reside on, so its pretty much irrelevant as to how you're accessing the database from EM at the moment. Even if it is to remain on your LAN it takes only the click of a button to switch off SQL Authentication.. Considering the trouble its caused you and the time lost trying to set up Windows Auth, seems pretty pointless not to use SQL Authentication to get the job done in the meantime... -----Original Message----- From: John W. Colby [mailto:jwcolby at colbyconsulting.com] Sent: Friday, 19 November 2004 12:56 AM To: dba-sqlserver at databaseadvisors.com Subject: RE: [dba-SQLServer] Back to the login thing Andrew, While I am the only user of this db ATM, in the near future the owners of the database expect to be able to use it in some undetermined manner. I do not know yet the "how" of the access - it will probably be a mix of web server, remote access and / or vb.net application. In any event I have read (and as you are well aware I am totally ignorant on this stuff) that using windows authentication is more secure. I am therefore making every effort to get this set up from the gitgo to do that so I don't have a "gaping security hole" hanging out there forgotten. John W. Colby www.ColbyConsulting.com Contribute your unused CPU cycles to a good cause: http://folding.stanford.edu/ -----Original Message----- From: dba-sqlserver-bounces at databaseadvisors.com [mailto:dba-sqlserver-bounces at databaseadvisors.com] On Behalf Of Haslett, Andrew Sent: Wednesday, November 17, 2004 11:11 PM To: 'dba-sqlserver at databaseadvisors.com' Subject: RE: [dba-SQLServer] Back to the login thing As we've suggested multiple times, why are you using Windows Only Authentication? If this is just an internal system, then there's no need. Just set up some accounts using SQL Authentication on the other boxes and connect to it using this username and password. Presto. You're done. -----Original Message----- From: John W. Colby [mailto:jwcolby at colbyconsulting.com] Sent: Thursday, 18 November 2004 1:04 PM To: dba-sqlserver at databaseadvisors.com Subject: [dba-SQLServer] Back to the login thing I really need to get query analyzer able to run on Neo2 SQL Server from all of my workstations. I have gone through the systems setting security on the servers to Windows only / System Account. EM is now able to see Neo2 Server from all the workstations, and can in fact browse the tables, open the main table and return records etc. QA however fails at the login with a consistent "Login failed for user 'Neo2\Guest'". Msg 18456, level 16, state1. On Neo1, Neo2 and Soltek1 I am logging in to Windows as Administrator with an identical password on each of those three machines. I can use QA on Neo2 but I cannot use QA on Neo1 or Soltek1 against Neo2. Can anyone help me figure this thing out? I REALLY need to get all my workstations banging queries against SQL Server on Neo2. John W. Colby www.ColbyConsulting.com Contribute your unused CPU cycles to a good cause: http://folding.stanford.edu/ _______________________________________________ dba-SQLServer mailing list dba-SQLServer at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-sqlserver http://www.databaseadvisors.com IMPORTANT - PLEASE READ ******************** This email and any files transmitted with it are confidential and may contain information protected by law from disclosure. If you have received this message in error, please notify the sender immediately and delete this email from your system. No warranty is given that this email or files, if attached to this email, are free from computer viruses or other defects. They are provided on the basis the user assumes all responsibility for loss, damage or consequence resulting directly or indirectly from their use, whether caused by the negligence of the sender or not. _______________________________________________ dba-SQLServer mailing list dba-SQLServer at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-sqlserver http://www.databaseadvisors.com _______________________________________________ dba-SQLServer mailing list dba-SQLServer at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-sqlserver http://www.databaseadvisors.com IMPORTANT - PLEASE READ ******************** This email and any files transmitted with it are confidential and may contain information protected by law from disclosure. If you have received this message in error, please notify the sender immediately and delete this email from your system. No warranty is given that this email or files, if attached to this email, are free from computer viruses or other defects. They are provided on the basis the user assumes all responsibility for loss, damage or consequence resulting directly or indirectly from their use, whether caused by the negligence of the sender or not. _______________________________________________ dba-SQLServer mailing list dba-SQLServer at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-sqlserver http://www.databaseadvisors.com