none
Create an ODBC Connection using an alternate AD account RRS feed

  • Question

  • I have a legacy application that requires an ODBC connection to read from my SQL Server 2008 database.  I would like the ODBC driver to connect using an AD account, but not the one with which I log onto my desktop.  How would I go about doing this?  The ODBC Data Source Administrator wizard doesn't allow this in its interface.
    Thursday, April 29, 2010 6:56 PM

Answers

  • If you can't modify the Perl script then you might want to try the ShellRunas utility. I don't know whether there will be issues with UAC under Vista and Windows 7 but your options are becoming rather limited with respect to a trusted connection to SQL Server. The bottom line is that the process (your app) needs to be running under the identity of a domain user, that you want to connect with SQL Server, when implementing integrated security.
    Paul ~~~~ Microsoft MVP (Visual Basic)
    • Marked as answer by SD Eric Monday, May 3, 2010 8:43 PM
    Friday, April 30, 2010 10:29 PM

All replies

  • You can either set up your application to impersonate the domain user in your application and then use trusted authentication to log into SQL Server, or,

    you can use standard SQL Server authentication and pass the user ID and password in a connection string or save it in a System DSN (if using ODBC). For 2008 the ODBC driver is SQL Server Native Client 10.0.

    The following resource may help as well:

    http://www.connectionstrings.com/sql-server-2008

     


    Paul ~~~~ Microsoft MVP (Visual Basic)
    Friday, April 30, 2010 6:08 PM
  • Hi Paul,

    I'm looking into the impersonation option, but everything I've read so far requires editing the application that calls the odbc.  This will problematic for me because the application using the ODBC connection was written in PERL; which I know nothing about.  Is there a way to enact impersonation directly on the ODBC connection?  I'm trying to remove all SQL Server logins from by database, but this legacy app is throwing me a curve.

    Friday, April 30, 2010 9:15 PM
  • If you can't modify the Perl script then you might want to try the ShellRunas utility. I don't know whether there will be issues with UAC under Vista and Windows 7 but your options are becoming rather limited with respect to a trusted connection to SQL Server. The bottom line is that the process (your app) needs to be running under the identity of a domain user, that you want to connect with SQL Server, when implementing integrated security.
    Paul ~~~~ Microsoft MVP (Visual Basic)
    • Marked as answer by SD Eric Monday, May 3, 2010 8:43 PM
    Friday, April 30, 2010 10:29 PM
  • The ShellRunas utility did the trick.  Thanks Paul!
    Monday, May 3, 2010 8:43 PM
  • Hi Eric,... google around and found this forum

    I think I may have somewhat similar problem to yours... I have a VB6 app that needs to connect to SQL2005 (using trusted authentication). Currently it connects to SQL2000 via ADODB connection.

    The application is a multiuser (shared across the network), so in a way I think it still needs to know which user is running the app at one stage of the applications..

    How did you manage to run / execute the  ShellRunas in the code? was it run quietly or registered before hand in the user PC?

    I have been playing around to find the solution for this for about a week now.. dohh :(

    Any further instructions or help would be appreciated good.
    Kevin

     

    Thursday, June 3, 2010 1:27 AM