Hi,
I'm looking for something similar to Oracle's login trigger to limit user
connections. I have an application userid that must have read/write/execute
permissions, but other users who should only have read access are logging in
with this user id. This user id is used by a legacy system and no one how
many places the password is hard coded, so changing the password is not an
option.
Is there a way that I can check the hostname of this user on connection, and
if the connection is not coming from an approved host, deny the connection?
Thanks.
Susan
I only know a windows trick MIGHT achieve the effect. You can test this: try
setup the sql server's security policy to only allow certain machines to
login. But if a user login from terminal services or citrix client, you need
to think other methods.
James
"Susan Cooper" wrote:
> Hi,
> I'm looking for something similar to Oracle's login trigger to limit user
> connections. I have an application userid that must have read/write/execute
> permissions, but other users who should only have read access are logging in
> with this user id. This user id is used by a legacy system and no one how
> many places the password is hard coded, so changing the password is not an
> option.
> Is there a way that I can check the hostname of this user on connection, and
> if the connection is not coming from an approved host, deny the connection?
> Thanks.
> Susan
Showing posts with label userconnections. Show all posts
Showing posts with label userconnections. Show all posts
Wednesday, March 7, 2012
Login Trigger?
Hi,
I'm looking for something similar to Oracle's login trigger to limit user
connections. I have an application userid that must have read/write/execute
permissions, but other users who should only have read access are logging in
with this user id. This user id is used by a legacy system and no one how
many places the password is hard coded, so changing the password is not an
option.
Is there a way that I can check the hostname of this user on connection, and
if the connection is not coming from an approved host, deny the connection?
Thanks.
SusanI only know a windows trick MIGHT achieve the effect. You can test this: try
setup the sql server's security policy to only allow certain machines to
login. But if a user login from terminal services or citrix client, you need
to think other methods.
James
"Susan Cooper" wrote:
> Hi,
> I'm looking for something similar to Oracle's login trigger to limit user
> connections. I have an application userid that must have read/write/execu
te
> permissions, but other users who should only have read access are logging
in
> with this user id. This user id is used by a legacy system and no one how
> many places the password is hard coded, so changing the password is not an
> option.
> Is there a way that I can check the hostname of this user on connection, a
nd
> if the connection is not coming from an approved host, deny the connection
?
> Thanks.
> Susan
I'm looking for something similar to Oracle's login trigger to limit user
connections. I have an application userid that must have read/write/execute
permissions, but other users who should only have read access are logging in
with this user id. This user id is used by a legacy system and no one how
many places the password is hard coded, so changing the password is not an
option.
Is there a way that I can check the hostname of this user on connection, and
if the connection is not coming from an approved host, deny the connection?
Thanks.
SusanI only know a windows trick MIGHT achieve the effect. You can test this: try
setup the sql server's security policy to only allow certain machines to
login. But if a user login from terminal services or citrix client, you need
to think other methods.
James
"Susan Cooper" wrote:
> Hi,
> I'm looking for something similar to Oracle's login trigger to limit user
> connections. I have an application userid that must have read/write/execu
te
> permissions, but other users who should only have read access are logging
in
> with this user id. This user id is used by a legacy system and no one how
> many places the password is hard coded, so changing the password is not an
> option.
> Is there a way that I can check the hostname of this user on connection, a
nd
> if the connection is not coming from an approved host, deny the connection
?
> Thanks.
> Susan
Subscribe to:
Posts (Atom)