June 21, 2002 at 7:50 am
Hello,
Desktop: (Win 2k, Win 98SE, Microsoft Access 2000 (.mdb and .adp))
Server: SQL Server 2000 Standard, Win 2k Server
I've been working in Access for three years now, and I am currently investigating moving my back end to SQL Server (which I own and have been testing). I've read that using pure Windows Authentication is better than using SQL Server logins, and it made sense to me. When I am connected to my server, I am able to access the SQL Server tables (via, ADO, .adp, etc). The problem comes when I try to login from a remote site (home, etc). I get an error relating to SSPI Context.
I am able to resolve the problem by pcAnywhere-ing into my server and adding a SQL Server login... but doesn't that defeat the purpose of only using Windows Authentication?
Is it possible to connect to a SQL Server database using Windows authentication from a remote site (ASP, .adp) or must one be connected to the Domain that governs the SQL Server installation? If not, is SQL Server login security adequate?
My project cannot/will not allow "guest" or "anonymous" access... it is imperative that people log in.
I will be distributing the .adp to various customers/vendors so that they can check the status of accounts etc...
June 21, 2002 at 8:49 am
The user must be connected to the Domain that governs the SQL Server installation. I use both Windows Authenication and SQL Logins. I have seen no specific issues with SQL Logins. I believe thou ith SQL the data stream is not ecrypted so a SQL Login, with NT Auth you have a security token that SQL verifies (I could be wrong on this as I don't have what I was reading in front of me).
"Don't roll your eyes at me. I will tape them in place." (Teacher on Boston Public)
June 21, 2002 at 10:19 am
When you use Windows Auth, the windows credentials (essentially a token) are passed to SQL Server, which then verifies this with a DC.
First, it's a security risk across the Internet and you'd be better using some type of VPN. Second, I think you would have to use SQL Auth in this case.
Steve Jones
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply