Author |
Topic |
AskSQLTeam
Ask SQLTeam Question
0 Posts |
Posted - 2002-04-10 : 08:51:12
|
UnkleVo writes "When I am trying to connect using DSN file it gives me an error "Login failed for user <user_name>"(conn.Open "FILEDSN=c:/mydsnfile.dsn")It works when I am using the same user to connect using DSN-less connection.("Provider=sqloledb;Data Source=MYSERVER;User ID=MyUser;Password=MyPassword;")Also,if I add a password to the connection string after I indicate the path to DSN file it also works. (conn.Open "FILEDSN=c:/mydsnfile.dsn;PWD=MyPassword")I have a user set up in SQL server which I use in my DSN file.It is part of public and db_owner database roles.Hope you can help me.Thank you." |
|
chadmat
The Chadinator
1974 Posts |
Posted - 2002-04-10 : 18:34:38
|
File DSNs do note store password info in the file. You have to pass it in your connection string.It would be a security risk to store it in the file.-Chad |
|
|
AjarnMark
SQL Slashing Gunting Master
3246 Posts |
Posted - 2002-04-10 : 20:18:34
|
Wouldn't a System DSN be a better choice here?------------------------GENERAL-ly speaking... |
|
|
isharko
Starting Member
7 Posts |
Posted - 2002-04-15 : 11:31:35
|
quote: Wouldn't a System DSN be a better choice here?------------------------GENERAL-ly speaking...
|
|
|
isharko
Starting Member
7 Posts |
Posted - 2002-04-16 : 11:34:13
|
Is there a way to avoid hardcoding a UID and PWD into a connection stringwhen using system DSN.Now I am using strConnString = "DSN=MyDsn;UID=MyUserID;PWD=MyPassword"I don't want to hardcode UID and PWD into my app because DBA (that do nothave an access to the app source files) would like to be able to change userand password for DB connection used in this app.Thanks. |
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2002-04-16 : 11:46:21
|
Why not just use a DSN-less connection? It's very easy to build all of the required elements for a connection string from either user input or system data, or both. The user can be prompted for both a user name and password if desired, or a password only. You'll see this on web sites (Yahoo! Mail, for example) where they give you the option of signing in as a different user, or maintaining the same user account (you still need to enter a password)IMHO DSNs are not worth the hassle anymore, especially if you're using ADO to connect to a database. They really don't provide any benefit. |
|
|
isharko
Starting Member
7 Posts |
Posted - 2002-04-16 : 14:53:27
|
Yes, the DSN-less connections are great I was using it all the time before. But the problem is that my management decided to host my web application somewhere else (another city) and they don't want the uid and password hardcoded into my app. The DBA wants to be able to create a database for this app and place it at any location he likes. If we use DSN than he can simply configure DSN without contacting me (developer). If we use DSN-less connection I have to send him updated version of my VB component.Any thoughts?Thanks for your help. |
|
|
izaltsman
A custom title
1139 Posts |
Posted - 2002-04-16 : 15:24:47
|
Basically this is your classic trade-off between security and usability... If you feel comfortable keeping your password in a file, there is no reason why you can't create an ini file that your application would read on start-up. This file can contain all the configuration parameters needed by your application, including your database password (possibly encrypted using Crypto API or something).---------------Strong SQL Developer wanted in the Boston area. Please e-mail if interested.Edited by - izaltsman on 04/16/2002 15:25:58 |
|
|
sqlxpert
Starting Member
11 Posts |
Posted - 2002-04-16 : 15:34:26
|
U can also use PWD file this will be having encrypted password and can be generated by a dba when ever required using keygen.AB |
|
|
|