Windows authentication

  • I have been using SQL Server for quite a while but have not used anything but SQL logins and am trying to fathom Windows Authentication mode.

    This is probably a 'duh' question but here goes:

    How does windows authentication for the sql server:

    1) get its user list (as a dba do i need to add the new user to the list of allowable users on the db)(is this related to active directory)

    2) authenticate (I assume that the sequence is 1)login to windows 2) start the application 3) application verifies that you have logged in and then sends the username for verification to the db 3) application roles are applied to the user)

    3) can i mimic sql style logins through application roles - if so how?

     

    Thank you in advance

  • Charles

    (1) The user list is defined by the DBA by adding all Windows users and groups that need access to resources on the SQL Server as logins in SQL Server.  This can be related to Active Directory or a flat Windows NT4 domain - it depends on your network structure.

    (2) The Windows ID of the user attempting to authenticate is passed through to SQL Server.  If the Windows ID is defined as a user and permissions have been granted on the required SQL Server resources, then access is allowed.  It's nothing to do with application roles.

    (3) No.  An application role is a role that allows anyone using a particular application to connect to SQL Server via that application.  An application role has no members, and its password is hard-coded into the application.

    Books Online has plenty of information on this - I recommend you spend a couple of hours reading it.

    John

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply