Re: connection string and ADO
- From: "Richard Mueller" <rlmueller-NOSPAM@xxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 5 Jan 2006 11:42:38 -0600
Hi,
In SQL Server databases I use Windows Authentication and create a role. The
role is given permissions in the database. Any user assigned to this role
has the permissions. Any other user has no permissions (except the SQL
Admin). I generally grant a domain group the role, so that all members of
the domain group have the role and the permissions. I can management group
membership easily. Users logon to Windows normally and these credentials are
used in SQL Server, so there is no need to supply username/password for each
database. I assume other database management systems have something similar.
--
Richard
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
"MrSmersh" <MrSmersh@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F453700B-7051-4D24-8E88-425FDC9B7302@xxxxxxxxxxxxxxxx
> I?m afraid that is not possible. As I?ve seen below you are interested on
> a
> multi database system, even if you are able to do it for a particular DB
> type
> you will not find a all covering solution.
> Instead what works for all database types is creating limited rights users
> and use them to access your data.
>
> I have done a .Net database abstraction layer and a database setup tool
> (including users and rights) all working with SQL Server, Oracle, Postgre,
> DB2 (also for iSeries).
> In short for this databases I did not find a common denominator in not
> storing the password somehow somewhere. In some cases the password is not
> required in the connection string.
>
>
> "Maileen" wrote:
>
>> Hi,
>>
>> I would like to know how do you do to store the connection string of an
>> ADO
>> component.
>> Basically to access to a DB (to insert, update, select,..) we usually use
>> the DB
>> administrator password and account.
>>
>> So if we store it somewhere, we create a security hole.
>>
>> How can i do to not make application users type several time the DB
>> administrator data (for creating DB, for example), or the users data
>> (password,
>> account) in case of select, insert,... commands ?
>>
>> thanks a lot,
>> Maileen
>>
.
- References:
- connection string and ADO
- From: Maileen
- connection string and ADO
- Prev by Date: Re: Using Rich Text formating with InfoPath
- Next by Date: Re: how to reference feild data -
- Previous by thread: connection string and ADO
- Index(es):
Relevant Pages
- ADP, Application Role, and objects
... The above link is to an atricle on how to implement SQL Server Application ...
After you connect with your ADP, fire a bit of code to set the ... third party tools to
view the data on the same database. ... Scenario 1 - If I explicitly grant permissions
on that object to the user ... (microsoft.public.access.adp.sqlserver) - Re: Execute Persmission denied on object sp_OACreate
... > SQL Server is creating a job behind the scenes. ... > permissions.
... > SA account password and gaining access to the database. ... >>>
How can get a user permissions to execute these stored procedures ... (microsoft.public.sqlserver.security) - Re: Newbie: I dont understand user permissions for table access
... > My database is remote to my workstation. ... > tables/fields WITHOUT
specifying anything in the permissions dialogs? ... >> HOW are you connecting to
SQL Server? ... what rights/permissions have been granted to the PUBLIC role? ...
(microsoft.public.sqlserver.server) - Re: Execute Persmission denied on object sp_OACreate
... SQL Server is creating a job behind the scenes. ... SA account password and
gaining access to the database. ... > SQL Server doesn't check permissions on
indirectly referenced objects as ... > the proxy account security context for non-sysadmin
users from Enterprise ... (microsoft.public.sqlserver.security) - Re: Security question ..
... What I want to prevent is any access to the database accept through our ...
application unless you have elevated permissions. ... Authentication, if he is smart
enough to create an NT Auth ODBC connection ... passes through to the database or to use SQL
Server authentication. ... (microsoft.public.sqlserver.server)
