I want to log into the SQL server (from Query Analyzer) using my
domain account. To allow this, I went into Logins section in
Enterprise Manager and added my user account as a Windows User.
If I set Analyzer to use Windows authentication I am to log in with no
problems. But if it is set to SQL Server authentication and I type in
my username (in the format domain\username or username@.domain) and
password I get a login error.
Is there a way to login in to SQL using domain account without using
windows authentication?
Thanks,
JasonHi
If you are wanting to use the windows accounts to log into the database
server, then you will have to use windows authentication.
John
"Jason" <JayCallas@.hotmail.com> wrote in message
news:f01a7c89.0407010728.1ba158c2@.posting.google.c om...
> I doing some testing with security and ran into the following problem.
> I want to log into the SQL server (from Query Analyzer) using my
> domain account. To allow this, I went into Logins section in
> Enterprise Manager and added my user account as a Windows User.
> If I set Analyzer to use Windows authentication I am to log in with no
> problems. But if it is set to SQL Server authentication and I type in
> my username (in the format domain\username or username@.domain) and
> password I get a login error.
> Is there a way to login in to SQL using domain account without using
> windows authentication?
> Thanks,
> Jason|||Jason (JayCallas@.hotmail.com) writes:
> If I set Analyzer to use Windows authentication I am to log in with no
> problems. But if it is set to SQL Server authentication and I type in
> my username (in the format domain\username or username@.domain) and
> password I get a login error.
To log in with SQL authentication, you first need to create an SQL
login with sp_addlogin.
> Is there a way to login in to SQL using domain account without using
> windows authentication?
No. I tried:
sp_addlogin '[KESMETS\Sommar]'
and was rewarded with:
Server: Msg 15006, Level 16, State 1, Procedure sp_addlogin, Line 42
'[KESMETS\Sommar]' is not a valid name because it contains invalid
characters.
And in case, that would not be a reasonable thing to do.
What SQL authentication is, is a username and password defined in SQL
Server only. This is generally more unsafe than Windows authentication,
because of two reasons:
1) There is no protection against brute-force attacks.
2) Passwords are easy to sniff, because encryption is poor.
--
Erland Sommarskog, SQL Server MVP, esquel@.sommarskog.se
Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techin.../2000/books.asp
No comments:
Post a Comment