Re: login 101..

---

• From: "Laurentiu Cristofor [MSFT]" <laur@xxxxxxxxxx>
• Date: Tue, 23 May 2006 12:01:52 -0700

---

Just a correction for the SQL Authentication description:

On Windows 2003, SQL Server 2005 can enforce the Windows password complexity
and expiration policy for SQL logins.

Thanks

--
Laurentiu Cristofor [MSFT]
Software Design Engineer
SQL Server Engine
http://blogs.msdn.com/lcris/

This posting is provided "AS IS" with no warranties, and confers no rights.

"Hugo Kornelis" <hugo@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:bsf472h1m7vuhpjlhfi55eekqe47r7nte3@xxxxxxxxxx

On 22 May 2006 08:31:41 -0700, RAB wrote:

What is the difference between 'Windows Authentication' login and 'SQL
login'?

Hi RABMissouri,

Windows authentication - SQL Server uses a special protocol to ask
Windows for the details of the currently logged-in user. If the Windows
user is in the list of allowed logins, the login succeeds wiithout the
user having to enter anything. If the Windows login is not registered as
a SQL Server login, an error message follows.
Advantages: no extra login prompts for user; SQL Server security
benefits from Windows login policies (such as password aging, etc).
Disadvantages: doesn't lend itself for testing; Windows users with admin
rights are automatically logged in as SQL Server admin.

SQL Server login - SQL Server prompts user for loginname and password,
then compares this to list of loginnames and (encrypted) passwords in
system table master..syslogins. On a match, you are logged in.
Advantages: easy when you have to test seecurity for different roles.
Disadvantages: no password expiration, password complexity checks, etc.

I have IIS, MSDE installed on my home computer and I don't log
into windows. So how does 'Windows Authentication' apply in this case?

What version of Windows are yoou using?

--
Hugo Kornelis, SQL Server MVP

.

---

• References:
  • login 101..
    • From: RAB
  • Re: login 101..
    • From: Hugo Kornelis

• Prev by Date: Re: I need backup Master data base?
• Next by Date: who dropped my table in SQL Server?
• Previous by thread: Re: login 101..
• Next by thread: Re: SQL 2005 user not having permissions to write a file in a fold
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Windows Authentication in asp.net 2005 to SQL Server? ... If the domains do not trust each other, Windows authentication is not going ... Basic authentication sometimes makes the need for Kerberos delegation go ... generic account to do the backend data stuff on our SQL Server. ... (microsoft.public.dotnet.framework.aspnet.security) Re: Kerberos / Authentication to SQL2K ... use Windows integrated security for database access. ... That SQL Server be running on the same computer as IIS. ... > authentication until I switched on impersonation either. ... > When set up on my web server however, I get the "Login failed for user ... (microsoft.public.dotnet.framework.aspnet) Re: Remote connection failed ... If you are going over a remote connection or are not logging ... into the domain where SQL Server is then no, Windows ... authentication won't work. ... (microsoft.public.sqlserver.connect) Windows Authentication with IIS on separate machines ... Yes, setting Basic Authentication in IIS works, but the ... >in SQL server but doesn't work if user account was ... >imported from a Windows account. ... (microsoft.public.sqlserver.security) Re: Login failed for ServerGuest ... I think it is not a limitation in Windows 2000. ... access SQL server on Win2000 server by using Windows authenctication if I ... | I have noticed that when I try to log in using Windows Authentication ... (microsoft.public.sqlserver.connect)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.sqlserver.security  > 2006-05