Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Links Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS SQL
Oracle
DB2
MS Access
MySQL
» RESOURCES
Database Tools
SQL Scripts & Samples
Links
» Database Forum
» Sitemap
Free Newsletters:
DatabaseDaily  
News Via RSS Feed


follow us on Twitter
Database Journal |DBA Support |SQLCourse |SQLCourse2
 

Featured Database Articles

MS SQL

Posted Mar 5, 2001

SQL Server 7.0 Security Modes

By Alexander Chigrik


There are two security modes (authentication modes) in SQL Server 7.0:

  • Windows NT Authentication
  • Mixed
  • The security mode is selected during SQL Server 7.0 installation and can be modified at any time. To change the security modes, you can do the following:

    Click Start, Programs, Microsoft SQL Server 7.0 and click SQL Enterprise Manager to run SQL Enterprise Manager from the Microsoft SQL Server 7.0 program group.

    Select the server you want to work with, then from the Tools menu select SQL Server Configuration Properties, and choose the Security page.



    Set SQL Server 7.0 Security Mode


    Windows NT Authentication

    When it is used, then Windows NT is responsible for managing user connections through its Access Control List (ACL). So the advantage of using Windows NT Authentication is single-password access to all resources on a Windows NT domain, and password aging, and encryption across the network. Windows NT security also provides auditing, minimum password length, and account lockout after multiple invalid login requests.

    If Windows NT Authentication Mode is used, and a user attempts to connect to SQL Server providing nonblank login name, then the login will be ignored.

    With Windows NT Authentication, only Multi-Protocol and Named Pipes clients are supported, and only trusted connections are allowed into SQL Server (trusted connections are only available via the Multi-Protocol or the Named Pipes).

    This security mode is used by default, but Windows NT Authentication is not available, when SQL Server is running on Windows 95/98.


    Mixed Mode

    Mixed Security allows users to connect using Windows NT Authentication or using SQL Server Authentication.

    Mainly, SQL Server Authentication is provided for backward compatibility, but is also required when SQL Server is running on Windows 95/98 because Windows NT Authentication Mode is not supported on Windows 95/98.

    When SQL Server Authentication is used, SQL Server manages its own login validation process for all connections, i.e. SQL Server is wholly responsible for authenticating a user and for enforcing password and login restrictions.

    You should choose Mixed Security Mode, when SQL Server running on Windows 95/98, or for connections with internet and clients other than Windows NT clients.

    In this case, when a user connects to a SQL Server, then SQL Server checks is it a trusted connection or not (checks is the login name matches the user's network username, or if the login name is null). If it is a trusted connection, then SQL Server uses Windows NT Authentication, if it is not a trusted connection then SQL Server uses SQL Server Authentication (i.e. tried to find the same SQL Server login name and password, as user has passed).


    » See All Articles by Columnist Alexander Chigrik




    MS SQL Archives

    Comment and Contribute

     


    (Maximum characters: 1200). You have characters left.

     

     




    Latest Forum Threads
    MS SQL Forum
    Topic By Replies Updated
    SQL 2005: SSIS: Error using SQL Server credentials poverty 3 August 17th, 07:43 AM
    Need help changing table contents nkawtg 1 August 17th, 03:02 AM
    SQL Server Memory confifuration bhosalenarayan 2 August 14th, 05:33 AM
    SQL Server Primary Key and a Unique Key katty.jonh 2 July 25th, 10:36 AM


















    Thanks for your registration, follow us on our social networks to keep up-to-date