April 27, 2009 at 7:56 am
Long time reader, first time poster.:-)
The depth of knowledge of the moderators and expert posters in this forum I find extraordinary.
I have never seemed to grasp the full understanding of logins, etc. in SQL Server.
I have been a programmer in one form or another for 28 years.
I have worked with SQL from an application developer perspective for some time and have always struggled with how to best implement security without limiting users abiltiies to run my applications.
In this day and age my ignorance of this subject is no longer acceptable.
I need to understand how to build tighter security into my applications starting with the database.
It is hard to describe what I do not know but I have always used Windows integrated security.
But I am not sure of the relationships of a Windows user login and permisisons in SQL Server.
I work in a small wholesaler company and I am the IT Manager, Visual Studio developer, and SQL DBA.
When I develop I have full Windows Domain administration permissions. When I release an app to the real world, I end up with permissions issues (when dropping or deleting tables, etc.) for users that run my VS code under less than administrator permissions.
First of all - no need to point out that what I have been doing is not correct.:w00t:
Second - I have tried to search on this subject in this forum and have not been able to find anything comprehensive or detailed enough.
What I am hoping to find is an article or two about this subject in the 'SQL/Windows Logons and Security/Permissions 101'.
What are the best practices?
How are Windows logons related to or interact with SQL Server?
Can anyone point to some good articles/books on this subject?
Hopefully, this post will generate some good advice and comments and maybe help some other people in my position that are reluctant to ask.
Thanks in advance for any help or feedback as it is greatly appreciated!
RandMan:cool:
"There are three kinds of men. The one that learns by reading. The few who learn by observation. The rest of them have to pee on the electric fence for themselves." -- Will Rogers
April 28, 2009 at 7:32 am
RandMan,
I found the microsoft press kits for SQL 2005 certification do a good job of explaining it. I believe it's in the book for the 'first' exam for MCTS: SQL 2005.
The books online may also be a good resource, but don't explain the relationships between login, user and role as well.
~BOT
Craig Outcalt
April 28, 2009 at 7:58 am
Thanks for the response!
I will take a look in that direction.
"There are three kinds of men. The one that learns by reading. The few who learn by observation. The rest of them have to pee on the electric fence for themselves." -- Will Rogers
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply