 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
SQL Server Forum / General / Security / May 2006login 101..
What is the difference between 'Windows Authentication' login and 'SQL login'? I have IIS, MSDE installed on my home computer and I don't log into windows. So how does 'Windows Authentication' apply in this case? Thanks, RABMissouri It depends on what operating system you are running at home. In some cases, even though you don't explicitly log in, you are being logged in when the computer starts up. It's just transparent to the user. What OS are you running at home? -Sue >What is the difference between 'Windows Authentication' login and 'SQL >login'? I have IIS, MSDE installed on my home computer and I don't log >into windows. So how does 'Windows Authentication' apply in this case? > >Thanks, >RABMissouri >What is the difference between 'Windows Authentication' login and 'SQL >login'? Hi RABMissouri, Windows authentication - SQL Server uses a special protocol to ask Windows for the details of the currently logged-in user. If the Windows user is in the list of allowed logins, the login succeeds wiithout the user having to enter anything. If the Windows login is not registered as a SQL Server login, an error message follows. Advantages: no extra login prompts for user; SQL Server security benefits from Windows login policies (such as password aging, etc). Disadvantages: doesn't lend itself for testing; Windows users with admin rights are automatically logged in as SQL Server admin. SQL Server login - SQL Server prompts user for loginname and password, then compares this to list of loginnames and (encrypted) passwords in system table master..syslogins. On a match, you are logged in. Advantages: easy when you have to test seecurity for different roles. Disadvantages: no password expiration, password complexity checks, etc. > I have IIS, MSDE installed on my home computer and I don't log >into windows. So how does 'Windows Authentication' apply in this case? What version of Windows are yoou using?  SignatureHugo Kornelis, SQL Server MVP Windows XP Professional... Thanks, RABMissouri If you aren't logging in then I would guess you are using the Welcome screen login option. The user you select is the user that is logged into windows for you. That is the login that would access MSDE on your computer if you were using osql, admin tools, etc. Depending on other settings but generally if your web site is using Windows Authentication, it will log into SQL Server using the ComputerName\ASPNET login. That's basically how it would work. There is a login associated with you as well as IIS that can be used as windows logins in SQL Server. -Sue >Windows XP Professional... > >Thanks, >RABMissouri Just a correction for the SQL Authentication description: On Windows 2003, SQL Server 2005 can enforce the Windows password complexity and expiration policy for SQL logins. Thanks SignatureLaurentiu Cristofor [MSFT] Software Design Engineer SQL Server Engine http://blogs.msdn.com/lcris/ This posting is provided "AS IS" with no warranties, and confers no rights. >>What is the difference between 'Windows Authentication' login and 'SQL >>login'? [quoted text clipped - 21 lines] > > What version of Windows are yoou using? |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2009 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.