Re: Linked server access

From: Greg Gonzalez (ghg@intercerve.com)
Date: 11/02/02 

From: "Greg Gonzalez" <ghg@intercerve.com>
Date: Sat, 2 Nov 2002 10:41:37 -0500

Actually this shouldn't be the case. Simply do not define any login
mappings (Linked Server Props-->Security tab) for those accounts that you
don't want to have access to server B, then set "(For a login not defined
above connections will) Be made using this security context" to a sql user
account that has the appropriate permissions on server B.

This assumes that the users you want to restrict haven't been directly
granted any login rights or permissions on server B, as Mike mentioned.

- greg gonzalez

"greg" <gregory.goualard@airliquide.com> wrote in message
news:fdc601c27f23$1437a850$37ef2ecf@TKMSFTNGXA13...
> I did it. I created an account on the server B and set the
> linked server in order to do the mapping between this
> account and the external users account off the server A.
>
> The problem is, when a trigger of database A fires, it is
> executed with the external users rights so that I have to
> give them the rights on the database B tables too.
>
>
>
> >-----Original Message-----
> >How is your ,linked server authoentication set up?
> >
> >If you want to be selective about the use of it then
> >prevent users from accessing db B by not creating logins
> >for them, and change the authoentication on the linked
> >server to use the user's own security context rather than
> >say 'sa'
> >
> >
> >>-----Original Message-----
> >>Hi,
> >>
> >>I wonder if it's possible to restrict the access to a
> >>linked server object like I could do with a table
> >(select,
> >>update, delete,...).
> >>
> >>My application stands on two databases A and B on two
> >>different servers.
> >>External users can insert data into the database A. Then
> >>triggers sends data to the database B via the linked
> >>server. Naturally, I don't want external users accessing
> >>directly to the database B. Yet, it's possible if they
> >>execute requests through the linked server...
> >>
> >>Is it possible to avoid this security hole ?
> >>.
> >>
> >.
> >

Relevant Pages

  • Re: External users vs internal users.
    ... I think I need help with the design full-stop. ... To have Team and Meeting sites available to groups of external users. ... Then you'll need a separate WSS farm for this since you're using account ... > server, with Portal server on an internal server, but both use the same ...
    (microsoft.public.sharepoint.portalserver)
  • Re: Setting up Linked server to MsAccess
    ... This will set the security so anyone using the linked server ... At the database level I have added my Server login ...
    (microsoft.public.sqlserver.security)
  • Re: MAS90
    ... To set up a linked server from SQL Server 2000 to MAS90 using Enterprise ...
    (comp.databases.ms-access)
  • Re: Linked Server to MS Access DB: Login Mapping Error
    ... >connected to a different SQL server in Query Analyzer. ... Under "Linked Server" I put the name I wanted to reference it by. ... Put path to location of database in "Data Source" (in this case, ... >made without using a security context" option was checked. ...
    (microsoft.public.sqlserver.security)
  • Sendmail error: "Relaying denied. Proper authentication required."
    ... I have no trouble sending mail from my server to ... I usually get mail from external users by having ... When I send mail from an external webmail account to my account on my ... Perhaps I am misunderstanding relaying, but I thought that *relaying* is ...
    (linux.redhat.misc)