Re: Trusted Connection

From: Wayne Snyder (wsnyder@computeredservices.com)
Date: 10/18/02 

From: "Wayne Snyder" <wsnyder@computeredservices.com>
Date: Thu, 17 Oct 2002 16:37:22 -0700

"Steve Townson" <steve_townson@descorind.com> wrote in message
news:5c2001c275f8$4958f0e0$3bef2ecf@TKMSFTNGXA10...
> Hey all,
>
> Our SQL Server was set up NOT by me, so I really don't
> have a firm grasp of this software.
>
> The person who originally set this SQL Server up, set the
> Authentication to: SQL Server and Windows.
>
> Is this called "Mixed Mode"?

Yes this is mixed mode..

So, if a user successfully
> connects to the server, then when they connect to the
> database via. ODBC, then it will automatically connect
> them to SQL Server?
Users may request a trusted connection or a standard connection. Trusted
connections require that they be logged on to windows , and that their
windows login be a valid sql login... Standard security requires they
provide a user name and password..
>
> If I change the Authentication to "Windows Only", will SQL
> Server prompt the user for a username and password when
> trying to connect to the database via. ODBC?
SQL never prompts for any of this information... It would be provided by an
application or when you are setting up an odbc connection you may store
login information with the connection, or provide it 'on the fly' in your
connection string.

>
> Currently, when the person set the SQL Server up, EVERYONE
> has access to ALL tables, so in SQL Server, I GRANTED and
> REVOKED table access to everyone accordingly, BUT when I
> look at the database via. ODBC, everyone can see EVERY
> table still. BUT, if I log off my computer and log on as
> someone else, then the Trusted connection will not work
> and forces a log onto the database. And if I log onto the
> server using a PC in the plant (they should have NO access
> and I REVOKED ALL TABLE ACCESS), then they still can see
> all tables, as I assume the Mixed Mode comes in, and it
> bypasses all the table permissions for some reason.
>
> In the end, I want the database to give the appropriate
> access to the user logged on, BUT, no matter who is logged
> on, it bypasses the appropriate table access and gives ALL
> table access to everyone.
>
> Any ideas?

Take a look at permissions associated with role in your database named
public... perhaps that is where the extra permissions are being allowed.
>
> Thanks,
> Steve...

Relevant Pages

  • Re: Trusted Connection
    ... HOWEVER, If I check off "Use Trusted Connection", then I ... >HOWEVER, for one of my users, I will create an ODBC DSN ... >for my test database ON THEIR COMPUTER, ... >>> Our SQL Server was set up NOT by me, ...
    (microsoft.public.sqlserver.security)
  • Re: My Book is Incomplete Regarding SQL Commands ;-(
    ... Hitchhiker's Guide to Visual Studio and SQL Server ... Create a Connection object and pass in a ConnectionString to ... manage the database table you reference. ...
    (microsoft.public.dotnet.framework.adonet)
  • Re: [Microsoft][ ODBC SQL Server Drive ] Timeout expired
    ... Have you considered taking ODBC or SQL Server Profiler traces? ... > database using DSN connection using ODBC. ... Checked user permission set on the database. ...
    (microsoft.public.sqlserver.odbc)
  • SQL Server ODBC Driver Ignores Authentication Setting
    ... set their ODBC connections with SQL Server Authentication, ... Microsoft Data Access Components 2.6 RTM, ... authentication to log into the database. ...
    (microsoft.public.sqlserver.security)
  • Re: Strange Problems with ODBC connection to SQL Server
    ... When accessing Jet data, use DAO. ... This way you are not exposing connection information in clear ... >accesses an SQL Server 2000 repository via ODBC data source. ...
    (microsoft.public.data.odbc)