What is the difference between 'Windows Authentication' login and 'SQL
login'? I have IIS, MSDE installed on my home computer and I don't log
into windows. So how does 'Windows Authentication' apply in this case?
Thanks,
RABMissouriIt depends on what operating system you are running at home.
In some cases, even though you don't explicitly log in, you
are being logged in when the computer starts up. It's just
transparent to the user.
What OS are you running at home?
-Sue
On 22 May 2006 08:31:41 -0700, "RAB" <rabmissouri@.yahoo.com>
wrote:
>What is the difference between 'Windows Authentication' login and 'SQL
>login'? I have IIS, MSDE installed on my home computer and I don't log
>into windows. So how does 'Windows Authentication' apply in this case?
>
>Thanks,
>RABMissouri|||On 22 May 2006 08:31:41 -0700, RAB wrote:
>What is the difference between 'Windows Authentication' login and 'SQL
>login'?
Hi RABMissouri,
Windows authentication - SQL Server uses a special protocol to ask
Windows for the details of the currently logged-in user. If the Windows
user is in the list of allowed logins, the login succeeds wiithout the
user having to enter anything. If the Windows login is not registered as
a SQL Server login, an error message follows.
Advantages: no extra login prompts for user; SQL Server security
benefits from Windows login policies (such as password aging, etc).
Disadvantages: doesn't lend itself for testing; Windows users with admin
rights are automatically logged in as SQL Server admin.
SQL Server login - SQL Server prompts user for loginname and password,
then compares this to list of loginnames and (encrypted) passwords in
system table master..syslogins. On a match, you are logged in.
Advantages: easy when you have to test seecurity for different roles.
Disadvantages: no password expiration, password complexity checks, etc.
> I have IIS, MSDE installed on my home computer and I don't log
>into windows. So how does 'Windows Authentication' apply in this case?
What version of Windows are yoou using?
Hugo Kornelis, SQL Server MVP|||Windows XP Professional...
Thanks,
RABMissouri|||Just a correction for the SQL Authentication description:
On Windows 2003, SQL Server 2005 can enforce the Windows password complexity
and expiration policy for SQL logins.
Thanks
Laurentiu Cristofor [MSFT]
Software Design Engineer
SQL Server Engine
http://blogs.msdn.com/lcris/
This posting is provided "AS IS" with no warranties, and confers no rights.
"Hugo Kornelis" <hugo@.perFact.REMOVETHIS.info.INVALID> wrote in message
news:bsf472h1m7vuhpjlhfi55eekqe47r7nte3@.
4ax.com...
> On 22 May 2006 08:31:41 -0700, RAB wrote:
>
> Hi RABMissouri,
> Windows authentication - SQL Server uses a special protocol to ask
> Windows for the details of the currently logged-in user. If the Windows
> user is in the list of allowed logins, the login succeeds wiithout the
> user having to enter anything. If the Windows login is not registered as
> a SQL Server login, an error message follows.
> Advantages: no extra login prompts for user; SQL Server security
> benefits from Windows login policies (such as password aging, etc).
> Disadvantages: doesn't lend itself for testing; Windows users with admin
> rights are automatically logged in as SQL Server admin.
> SQL Server login - SQL Server prompts user for loginname and password,
> then compares this to list of loginnames and (encrypted) passwords in
> system table master..syslogins. On a match, you are logged in.
> Advantages: easy when you have to test seecurity for different roles.
> Disadvantages: no password expiration, password complexity checks, etc.
>
> What version of Windows are yoou using?
> --
> Hugo Kornelis, SQL Server MVP|||If you aren't logging in then I would guess you are using
the Welcome screen login option. The user you select is the
user that is logged into windows for you. That is the login
that would access MSDE on your computer if you were using
osql, admin tools, etc. Depending on other settings but
generally if your web site is using Windows Authentication,
it will log into SQL Server using the ComputerName\ASPNET
login.
That's basically how it would work. There is a login
associated with you as well as IIS that can be used as
windows logins in SQL Server.
-Sue
On 22 May 2006 18:40:57 -0700, "RAB" <rabmissouri@.yahoo.com>
wrote:
>Windows XP Professional...
>Thanks,
>RABMissouri
No comments:
Post a Comment