Re: Anyone can access my Sql Server!
From: Dan Guzman (guzmanda_at_nospam-online.sbcglobal.net)
Date: 09/17/04
- Previous message: Kevin McDonnell [MSFT]: "Re: Encryption and SSL"
- In reply to: ian: "Anyone can access my Sql Server!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 16 Sep 2004 20:53:03 -0500
A Windows account needs to be granted access to SQL Server before a database
can be accessed. If a user can connect to SQL Server via an ODBC DSN using
a trusted connection, then that account must have been granted access,
either directly or through membership of a Windows group.
You can determine the permission path with xp_logininfo. For example:
EXEC master..xp_logininfo 'MyDomain\MyUser'
-- Hope this helps. Dan Guzman SQL Server MVP "ian" <anonymous@discussions.microsoft.com> wrote in message news:0f1501c49c25$940e61b0$a301280a@phx.gbl... >I have Sql Server running an a SBS2003 box. I want to > provide access to a couple of users via the internet. > > At first they couldn't connect because the Authentication > was set to Windows Only. I have changed it to Sql Server > and Windows, and now they can successfully create a DSN > using their credentials. > > What I also have found to my horror is that using NT > authentication, a DSN can be created from anywhere > regardless of the Login ID. When a DSN has been created in > this manner, data can be changed. > > My database is wide open - Help!
- Previous message: Kevin McDonnell [MSFT]: "Re: Encryption and SSL"
- In reply to: ian: "Anyone can access my Sql Server!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
