Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 General SQL Server Forums
 New to SQL Server Programming
 How to create a windows authentication login

Author  Topic 

beerbsh316
Starting Member

6 Posts

Posted - 2007-01-16 : 09:01:46
Is it possible to create a windows authentication login for each of the computers on my network that will connect to sql server. I am developing a program that will be installed on multiple computers and we do not want to actually have to log in to sql server since we will have to log in to the server before opening the program and we dont want to have 2 logins. I would like to use windows authentication so that I do not have to program multiple connection strings in my program so that if more than 1 person accesses the database at the same time it will not cause a problem with using the same login. Is this possible and if so how would I go about setting up the logins. I am using SQL Server 2005 and XP SP2

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2007-01-16 : 09:15:46
No, not the computers.
But... You can create a Windows group with the members that are allowed to connect.
Add the Windows group as an account in SQL Server and use SSPI when connecting.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

beerbsh316
Starting Member

6 Posts

Posted - 2007-01-16 : 09:17:28
Can you instruct me on how I would do this or point me to instructions
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2007-01-16 : 09:19:29
I just wrote a step-by-step instruction to you.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

beerbsh316
Starting Member

6 Posts

Posted - 2007-01-16 : 09:47:32
Ok I am not sure I am doing this right. I created a group on the computer that has the database and was able to added the user on that computer to the group but I couldnt add the other computers user to the group. I added that group to the sql server logins. So then I created a group on the other computer with the same name and added that user to that group but I cant add it to the logins for sql server.
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2007-01-16 : 09:53:06
YOU CAN'T ADD COMPUTERS TO A USER GROUP.

Add the USERS who you want to access the application! Then add the USER GROUP to the SQL Server as an account.
Then use SSPI as preferred authentication method.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

beerbsh316
Starting Member

6 Posts

Posted - 2007-01-16 : 10:05:12
So then there is no way that I can use Windows Authentication to allow users on different computers on my network to access Sql Server. I will have to give each one a USERID and Password and use Sql Authentication and alter the connection my application for each computer.
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2007-01-16 : 10:08:39
Everyone already has an ID! It is called LANMANNAME.
Create a Windows GROUP on the SQL Server (or in the Active Directory). Add all the user's LANMANNAMES there.
Add the GROUP to SQL Server as an account.
In all applications, use SSPI. Now SQL server will automaically to a reverse lookup and find that a user exists (or not exists) in the GROUP you created.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

jhermiz

3564 Posts

Posted - 2007-01-16 : 13:28:22
Beerbsh316,

First create a windows group called TEST.
Add users that you want to be able to access your app into the group TEST. For instance, Joe Blow and Anita Takeabath.
So now you have 2 users to access the application.

In SQL Server security add a new security login. You should be able to select the group you created called "TEST". Select that group and give it access to the db at hand.

On the application side of things make sure the web.config file for your .net project contains a line like so:

<authentication mode="Windows"/>

Next you should have an authoirization tag to allow the TEST group:

<authorization>
<allow roles="TEST">
<deny users="*">
</authorization>

Does that help ?


Keeping the web experience alive -- [url]http://www.web-impulse.com[/url]

RS Blog -- [url]http://weblogs.sqlteam.com/jhermiz[/url]
Go to Top of Page
   

- Advertisement -