Re: ISV Using SQL Authentication - a login concern
From: Geoff N. Hiten (SRDBA_at_Careerbuilder.com)
Date: 05/26/04
- Next message: Gary: "SQL Accounts"
- Previous message: dev: "Re: ISV Using SQL Authentication - a login concern"
- In reply to: dev: "Re: ISV Using SQL Authentication - a login concern"
- Next in thread: dev: "Re: ISV Using SQL Authentication - a login concern"
- Reply: dev: "Re: ISV Using SQL Authentication - a login concern"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 26 May 2004 15:31:15 -0400
Comments Inline
-- Geoff N. Hiten Microsoft SQL Server MVP Senior Database Administrator Careerbuilder.com I support the Professional Association for SQL Server www.sqlpass.org "dev" <anonymous@discussions.microsoft.com> wrote in message news:969AEAF6-4AAD-4788-975C-F2F186EA23FA@microsoft.com... > Thanks Geoff and Jasper for your valuable time. See here me out: > > 1> My app will talk to database always as 1 fixed user. So though I said sa as user, I do plan to do the following for security reasons: > -assign a password to sa > -create a new custom login called something like MyAppUser > -assign a password to MyAppUser > -map MyAppUser to dbo user for my database (I will have only 1 custom database) OK, this is very different than running SA for everything. Much better. > > 2> Now, I was thinking I will assign MyAppUser to sysadmin role but you don't recommend it. So if I don't do it, will backup/restore/attach/detach options work fine with MyAppUser logged in. You can backup an active database with users in it. Restore, detach, and attach require that nobody be in the database Backup requires dbo (database.db_owner) or sysadmin membership Restore Requires sysadmin or dbcreator role membership. Attach requires sysadmin or dbcreator role membership Detach requires sysadmin. I suggest an administrative connection different from the normal app connection. Maybe using NT authentication to an administrator account on the host computer. . > -Will multiple clients using my app (which will always login as MyAppUser) be able to login at the same time (from their own machines and database on a central machine). Yes. Again, SQL doesn't care that several connections from one or many machines use the same login credentials. > > waiting for your comments. I know I will not get auditing features etc with just one user but that's they way I am required to do to keep everything as simple as possible. > > Thanks
- Next message: Gary: "SQL Accounts"
- Previous message: dev: "Re: ISV Using SQL Authentication - a login concern"
- In reply to: dev: "Re: ISV Using SQL Authentication - a login concern"
- Next in thread: dev: "Re: ISV Using SQL Authentication - a login concern"
- Reply: dev: "Re: ISV Using SQL Authentication - a login concern"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
