SQL Server 7.0 Security Modes


There are two security modes (authentication modes) in SQL Server 7.0:

  • Windows NT Authentication

  • Mixed
  • The security mode is selected during SQL Server 7.0 installation and can
    be modified at any time.
    To change the security modes, you can do the following:

    Click Start, Programs, Microsoft SQL Server 7.0 and click
    SQL Enterprise Manager to run SQL Enterprise Manager from the
    Microsoft SQL Server 7.0 program group.

    Select the server you want to work with, then from the Tools menu
    select SQL Server Configuration Properties, and choose the Security
    page.




    Set SQL Server 7.0 Security Mode

    Windows NT Authentication

    When it is used, then Windows NT is responsible for managing user
    connections through its Access Control List (ACL). So the advantage
    of using Windows NT Authentication is single-password access to all
    resources on a Windows NT domain, and password aging, and encryption
    across the network. Windows NT security also provides auditing,
    minimum password length, and account lockout after multiple invalid
    login requests.

    If Windows NT Authentication Mode is used, and a user attempts to
    connect to SQL Server providing nonblank login name, then the login
    will be ignored.

    With Windows NT Authentication, only Multi-Protocol and Named Pipes
    clients are supported, and only trusted connections are allowed
    into SQL Server (trusted connections are only available via the
    Multi-Protocol or the Named Pipes).

    This security mode is used by default, but Windows NT Authentication
    is not available, when SQL Server is running on Windows 95/98.

    Mixed Mode

    Mixed Security allows users to connect using Windows NT Authentication
    or using SQL Server Authentication.

    Mainly, SQL Server Authentication is provided for backward compatibility,
    but is also required when SQL Server is running on Windows 95/98 because
    Windows NT Authentication Mode is not supported on Windows 95/98.

    When SQL Server Authentication is used, SQL Server manages its own
    login validation process for all connections, i.e. SQL Server
    is wholly responsible for authenticating a user and for enforcing
    password and login restrictions.

    You should choose Mixed Security Mode, when SQL Server running on
    Windows 95/98, or for connections with internet and clients other
    than Windows NT clients.

    In this case, when a user connects to a SQL Server, then SQL Server
    checks is it a trusted connection or not (checks is the login name
    matches the user’s network username, or if the login name is null).
    If it is a trusted connection, then SQL Server uses Windows NT
    Authentication, if it is not a trusted connection then SQL Server
    uses SQL Server Authentication (i.e. tried to find the same SQL Server
    login name and password, as user has passed).


    »


    See All Articles by Columnist
    Alexander Chigrik

    Alexander Chigrik
    Alexander Chigrik
    I am the owner of MSSQLCity.Com - a site dedicated to providing useful information for IT professionals using Microsoft SQL Server. This site contains SQL Server Articles, FAQs, Scripts, Tips and Test Exams.

    Latest Articles