Re: ISV Using SQL Authentication - a login concern

From: dev (anonymous_at_discussions.microsoft.com)
Date: 05/26/04 

Date: Wed, 26 May 2004 11:11:10 -0700

Thanks Geoff and Jasper for your valuable time. See here me out:

1> My app will talk to database always as 1 fixed user. So though I said sa as user, I do plan to do the following for security reasons:
-assign a password to sa
-create a new custom login called something like MyAppUser
-assign a password to MyAppUser
-map MyAppUser to dbo user for my database (I will have only 1 custom database)

2> Now, I was thinking I will assign MyAppUser to sysadmin role but you don't recommend it. So if I don't do it, will backup/restore/attach/detach options work fine with MyAppUser logged in.
-Will multiple clients using my app (which will always login as MyAppUser) be able to login at the same time (from their own machines and database on a central machine).

waiting for your comments. I know I will not get auditing features etc with just one user but that's they way I am required to do to keep everything as simple as possible.

Thanks

Relevant Pages

  • Re: ISV Using SQL Authentication - a login concern
    ... Senior Database Administrator ... > -create a new custom login called something like MyAppUser ... Backup requires dbo or sysadmin membership ... Maybe using NT authentication to an administrator account on ...
    (microsoft.public.sqlserver.security)
  • Re: when to use sa and when not to..
    ... The user with db_owner role can almost all the tasks in the database. ... In general SA can do any activity SQL server wide on all databases. ... > My shrink wrap app uses one database and has 1 login mapped to the same ... > User: MyAppUser ...
    (microsoft.public.sqlserver.server)
  • Re: when to sue sa and when not to
    ... The user with db_owner role can almost all the tasks in the database. ... In general SA can do any activity SQL server wide on all databases. ... > My shrink wrap app uses one database and has 1 login mapped to the same ... > User: MyAppUser ...
    (microsoft.public.sqlserver.security)
  • Re: "exclusive access could not be obtained.." while restoring
    ... Except restore the database if it doesn't exist... ... Tibor Karaszi, SQL Server MVP ... "newbie" wrote in message ... > I think MyAppUser should be fine as it is dbo and hence can do anything on the database.. ...
    (microsoft.public.sqlserver.msde)
  • Re: Portable Database Choice
    ... I searched this group quite a bit looking for database alternatives and did find the options below from this search. ... I'm posting this in the hope it can be of use to other developers in a position similar to mine where I needed a low cost alternative to Pocket Access. ... One app requires synchronization between desktop and mobile device, the other requires a push of data from the desktop to mobile. ...
    (microsoft.public.dotnet.framework.compactframework)