Re: Strange integrated authentication success
- From: "Dan Guzman" <guzmanda@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 19 Dec 2006 07:26:58 -0600
The two boxes have same passwords for Administrator and I logged on with the same passwords. But I don't think same password can be a free passport to the databases.
Windows allows remote authentication using local accounts. If the user name and password are the same on both boxes, the remote OS will let you in under the context of the remote account. I expect you'll see the same behavior if you access the file system, such as accessing the a remote administrative share (\\REMOTE_SERVER\C$).
SQL Server then allows you to connect because the local Administrator account is a member of the BUILTI\Administrators group.
--
Hope this helps.
Dan Guzman
SQL Server MVP
"Han" <hp4444@xxxxxxxxxxxxxxxx> wrote in message news:eVU9zveIHHA.5104@xxxxxxxxxxxxxxxxxxxxxxx
Hello
I am experiencing strange success of authentication.
I have two boxes, one xp-pro and another windows 2003, both have SQL2005.
Two boxes have no relationships except that they are in same network. Really nothing such as account and trusted relationship.
Expecting failure, I tried to connect from xp to win2003 with integrated authentication(trusted_connection=yes).
Result is success. I checked profiler and found the account name is recorded as Administrator.
What happened?
The two boxes have same passwords for Administrator and I logged on with the same passwords. But I don't think same password can be a free passport to the databases.
Do you have any idea?
.
- Follow-Ups:
- References:
- Prev by Date: Re: ASP Impersonation - null user
- Next by Date: Re: ASP Impersonation - null user
- Previous by thread: Re: Strange integrated authentication success
- Next by thread: Re: Strange integrated authentication success
- Index(es):
Relevant Pages
|
