SQL Server Forums
Profile | Register | Active Topics | Members | Search | Forum FAQ
 
Register Now and get your question answered!
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 General SQL Server Forums
 New to SQL Server Programming
 How to create a windows authentication login
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

beerbsh316
Starting Member

6 Posts

Posted - 01/16/2007 :  09:01:46  Show Profile  Reply with Quote
Is it possible to create a windows authentication login for each of the computers on my network that will connect to sql server. I am developing a program that will be installed on multiple computers and we do not want to actually have to log in to sql server since we will have to log in to the server before opening the program and we dont want to have 2 logins. I would like to use windows authentication so that I do not have to program multiple connection strings in my program so that if more than 1 person accesses the database at the same time it will not cause a problem with using the same login. Is this possible and if so how would I go about setting up the logins. I am using SQL Server 2005 and XP SP2

SwePeso
Patron Saint of Lost Yaks

Sweden
29908 Posts

Posted - 01/16/2007 :  09:15:46  Show Profile  Visit SwePeso's Homepage  Reply with Quote
No, not the computers.
But... You can create a Windows group with the members that are allowed to connect.
Add the Windows group as an account in SQL Server and use SSPI when connecting.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

beerbsh316
Starting Member

6 Posts

Posted - 01/16/2007 :  09:17:28  Show Profile  Reply with Quote
Can you instruct me on how I would do this or point me to instructions
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

Sweden
29908 Posts

Posted - 01/16/2007 :  09:19:29  Show Profile  Visit SwePeso's Homepage  Reply with Quote
I just wrote a step-by-step instruction to you.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

beerbsh316
Starting Member

6 Posts

Posted - 01/16/2007 :  09:47:32  Show Profile  Reply with Quote
Ok I am not sure I am doing this right. I created a group on the computer that has the database and was able to added the user on that computer to the group but I couldnt add the other computers user to the group. I added that group to the sql server logins. So then I created a group on the other computer with the same name and added that user to that group but I cant add it to the logins for sql server.
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

Sweden
29908 Posts

Posted - 01/16/2007 :  09:53:06  Show Profile  Visit SwePeso's Homepage  Reply with Quote
YOU CAN'T ADD COMPUTERS TO A USER GROUP.

Add the USERS who you want to access the application! Then add the USER GROUP to the SQL Server as an account.
Then use SSPI as preferred authentication method.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

beerbsh316
Starting Member

6 Posts

Posted - 01/16/2007 :  10:05:12  Show Profile  Reply with Quote
So then there is no way that I can use Windows Authentication to allow users on different computers on my network to access Sql Server. I will have to give each one a USERID and Password and use Sql Authentication and alter the connection my application for each computer.
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

Sweden
29908 Posts

Posted - 01/16/2007 :  10:08:39  Show Profile  Visit SwePeso's Homepage  Reply with Quote
Everyone already has an ID! It is called LANMANNAME.
Create a Windows GROUP on the SQL Server (or in the Active Directory). Add all the user's LANMANNAMES there.
Add the GROUP to SQL Server as an account.
In all applications, use SSPI. Now SQL server will automaically to a reverse lookup and find that a user exists (or not exists) in the GROUP you created.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

jhermiz
Flowing Fount of Yak Knowledge

USA
3564 Posts

Posted - 01/16/2007 :  13:28:22  Show Profile  Visit jhermiz's Homepage  Reply with Quote
Beerbsh316,

First create a windows group called TEST.
Add users that you want to be able to access your app into the group TEST. For instance, Joe Blow and Anita Takeabath.
So now you have 2 users to access the application.

In SQL Server security add a new security login. You should be able to select the group you created called "TEST". Select that group and give it access to the db at hand.

On the application side of things make sure the web.config file for your .net project contains a line like so:

<authentication mode="Windows"/>

Next you should have an authoirization tag to allow the TEST group:

<authorization>
<allow roles="TEST">
<deny users="*">
</authorization>

Does that help ?


Keeping the web experience alive -- http://www.web-impulse.com

RS Blog -- http://weblogs.sqlteam.com/jhermiz
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
SQL Server Forums © 2000-2009 SQLTeam Publishing, LLC Go To Top Of Page
This page was generated in 0.06 seconds. Powered By: Snitz Forums 2000