SQL Authentication process.

  • Hello,

    I was investigating about windows authentication vs SQL authentication process. I got to learn that how Windows authentication process uses kerberos algorithm to authenticate/connect a user/services. So here is my question, does SQL authentication mode (mixed mode) uses any algorithm to authenticate the user, or is it just login-password matching process which is stored into the server.

    Also, is there any role of Service Principle Names(SPN), Active Directories in SQL authentication process? I know it makes an entry in AD in case of win authentication process.

    Thanks.

  • With mixed mode, you can authenticate with either kerberos (Windows) or SQL. SQL holds a list of logons and passwords which is used to authenticate logon requests. SQL authentication does not use kerberos or SPN.

    You can freely switch between the modes as you wish but stick to Windows Auth unless you have to.

    Hope this helps.

  • Thank you Mark, It really helped me to understand the concept.

    I have one more question for you. As you said

    "SQL holds a list of logons and passwords which is used to authenticate logon requests"

    does that mean that SQL Server keeps a table having login-passwords in it? I thought it uses AD to fetch the login information. correct me if i am wrong.

    Thanks for the help.

    Manish

  • ekant_alone (10/28/2009)


    Thank you Mark, It really helped me to understand the concept.

    I have one more question for you. As you said

    "SQL holds a list of logons and passwords which is used to authenticate logon requests"

    does that mean that SQL Server keeps a table having login-passwords in it? I thought it uses AD to fetch the login information. correct me if i am wrong.

    Thanks for the help.

    Manish

    For the Windows Auth - SQL does not store a password. For SQL Auth, a password is stored encrypted in a table in the master database.

    Jason...AKA CirqueDeSQLeil
    _______________________________________________
    I have given a name to my pain...MCM SQL Server, MVP
    SQL RNNR
    Posting Performance Based Questions - Gail Shaw[/url]
    Learn Extended Events

  • the encryption is a one-way hash for SQL auth.

  • Thank you Mark Steve and Jason.

Viewing 6 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic. Login to reply