none
How to specify a account to connect Database in a domian? RRS feed

  • Question

  • Hi all
        I am not sure that it's suitable to ask this question here.
        
        We are all in a domain. There is a SQL Server 2005 in the domian. We make a app, when using the app, we want to record some information in the sql server. But not everyone has the permission. Can we specify a domain account to connect database and insert a record? If it's possible, what should I do? Thanks!

    Friday, July 17, 2009 1:36 AM

Answers

  • If you only want to use a single account then you would have to use SQL Server security instead (pass the credentials in the connection string). Integrated Security when using a single account is not really an option unless everyone is logging on to the network with that same account, or, you're using a middle tier data access component (like a web service or COM+ component) that runs under the domain account.
    Paul ~~~~ Microsoft MVP (Visual Basic)
    • Marked as answer by jdxyw Monday, July 20, 2009 6:42 AM
    Friday, July 17, 2009 2:02 PM

All replies

  • You could configure SQL Server to support Integrated Security mode that will allow to use single sign on from domain. Then you specify in SQL Server permissions for each individual user or group of users. From the application side when you connect to this SQL Server you should specify "Integrate Security=SSPI" option, so the account user logged into the operating system will be used to log into the database and if user does not have privileges to connect or do some specific tasks, the user will receive an exception. 
     
    Here is the link that describes how to use integrated security mode from ASP.NET applications. Same will be true for Windows Forms application, except you need to skip impersonation and IIS parts, since they are web-related only

    http://msdn.microsoft.com/en-us/library/bsz5788z.aspx

    Val Mazur (MVP) http://www.xporttools.net
    Friday, July 17, 2009 10:28 AM
    Moderator
  • Hi Val
        Thanks for your reply.
         
         You mentioned that we configure SQL Server to support Integrated Security mode, and specify "Integrated Security=SSPI", then use the account user logged into OS to log into the database. But what I mean is that we want everyone use the only one domain account to log into the SQL Server, not the account user logged into OS. Do we need configure SQL Server to support Integrated Security? And what else do we need to do? Thanks
    Friday, July 17, 2009 12:46 PM
  • If you only want to use a single account then you would have to use SQL Server security instead (pass the credentials in the connection string). Integrated Security when using a single account is not really an option unless everyone is logging on to the network with that same account, or, you're using a middle tier data access component (like a web service or COM+ component) that runs under the domain account.
    Paul ~~~~ Microsoft MVP (Visual Basic)
    • Marked as answer by jdxyw Monday, July 20, 2009 6:42 AM
    Friday, July 17, 2009 2:02 PM