Re: connection options to yukon

Windows auth is still somewhat recommended because of the security aspect I
mentioned. Atleast such was the story/recommendation about 1 year back.

Either way has it's downsides though - take your pick :-)

- Sahil Malik [MVP]
http://codebetter.com/blogs/sahil.malik/


<param@xxxxxxxxxxxxxxxx> wrote in message
news:eo$TzMxaFHA.4040@xxxxxxxxxxxxxxxxxxxxxxx
> Or I would have to sync the same account name & password on all servers
> and maintain it which would be gruesome.. Should I revert back to sql auth
> in lieu of windows?
>
> "Sahil Malik [MVP]" <contactmethrumyblog@xxxxxxxxxx> wrote in message
> news:urWCTNwaFHA.740@xxxxxxxxxxxxxxxxxxxxxxx
>> Local account is better, because the domain needs to validate everytime
>> otherwise. Win2k3 is a bit better because it uses kerberos tickets -
>> sending and validating tickets is quicker than hashes of passwords.
>> But if it's a local account, that kinda assumes that all your servers are
>> all on the same machine :-)
>>
>> - Sahil Malik [MVP]
>> http://codebetter.com/blogs/sahil.malik/
>>
>>
>> <param@xxxxxxxxxxxxxxxx> wrote in message
>> news:%23VurgBvaFHA.3848@xxxxxxxxxxxxxxxxxxxxxxx
>>>I am leaning towards Windows Authentication too. But what about a domain
>>>account vs local account? Any pros & cons of one over the other?
>>>
>>> thanks!
>>>
>>> "Sahil Malik [MVP]" <contactmethrumyblog@xxxxxxxxxx> wrote in message
>>> news:e1lakyraFHA.2736@xxxxxxxxxxxxxxxxxxxxxxx
>>>> Connection pooling does not depend on what method you choose to
>>>> connect -
>>>> Windows auth or Sql auth.
>>>> Connection pooling depends on the fact that repeated SqlConnection
>>>> objects
>>>> use the exact same connection string.
>>>>
>>>> My recommendation would be to use Windows authentication over sql Auth
>>>> because it is more secure. It is more secure because there is no
>>>> password to
>>>> manage :) (or it is managed by the OS).
>>>>
>>>> Please let me know if you have any additional questions.
>>>>
>>>> - Sahil Malik [MVP]
>>>> http://codebetter.com/blogs/sahil.malik/
>>>> My upcoming ADO.NET 2.0 book - http://tinyurl.com/9bync
>>>>
>>>>
>>>>
>>>>
>>>> <param@xxxxxxxxxxxxxxxx> wrote in message
>>>> news:urNVrlkaFHA.2664@xxxxxxxxxxxxxxxxxxxxxxx
>>>>> Hi all, i am a newbie to SQL2005. I have had experience developing
>>>>> apps on
>>>>> .net 1.1 and sql 2000. I am currently working on developing a new
>>>>> solution
>>>>> and looking into feasibility of using sql 2005 as the database and
>>>>> .net
>>>> 1.1
>>>>> as the front end with the enterprise library jan 2005 block to connect
>>>>> to
>>>>> the database. I may also decide to use asp.net 2.0 depending on the
>>>>> new
>>>>> features available which I am still exploring. The question I had is
>>>>> what
>>>> is
>>>>> the best way for an asp.net application (1.1 or 2.0) to connect to a
>>>>> sql
>>>>> 2005 database and make best use of connection pooling.
>>>>>
>>>>> 1. SQL Server Authentication
>>>>>
>>>>> PROS
>>>>>
>>>>> 1. No need for windows accounts or cals
>>>>> 2. Performance
>>>>>
>>>>> CONS
>>>>>
>>>>> 1. Asp.net app needs to store username & password somewhere.
>>>>>
>>>>>
>>>>> 2. Domain Level Windows Account
>>>>>
>>>>> PROS
>>>>>
>>>>> 1. No need for application to store password
>>>>> 2. Easy Management in a Server Farm & DB Connectivity
>>>>>
>>>>> CONS
>>>>>
>>>>> 1. Performance
>>>>>
>>>>> 3. Local Level Windows Account
>>>>>
>>>>> PROS
>>>>>
>>>>> 1. No need for application to store password
>>>>> 2. Performance
>>>>>
>>>>> CONS
>>>>>
>>>>> 1. Complicated management in a server farm and need to create account
>>>>> on
>>>>> each machine with same name etc.
>>>>>
>>>>> 4. SQL 2005 Application Roles?
>>>>>
>>>>>
>>>>> Can anyone make some best practice recommendations?
>>>>>
>>>>> Much appreciated!
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>


.

Relevant Pages

  • Re: Cannot log in to Windows
    ... >> What version of Windows? ... >> router config will alter your Windows settings, ... > I'm not sure if it's domain or local account. ... domainname or machinename ...
    (microsoft.public.win2000.active_directory)
  • Re: Cannot authenticate remote user to share
    ... > We run Windows 2000 SBS as a domain controller. ... The remote machine is a laptop, ... If we browse to it via Network ... She does not have a local account on that system, ...
    (microsoft.public.security)
  • Re: Intranet app via remote location (Internet)
    ... I find it strange that you've had such bad experiences with Windows auth as ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... this new site on one of their machines, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: PATH is lost when loggin into a domain
    ... I would suggest merging them into the COMPUTER variables to maintain a ... I have classroom with windows XP installed, ... Users mostly use a local account on those machines to log ... I have lots of installed software there, so the path is quite large. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Local account and printer in AD
    ... That means that to connect to that specific computer, the Windows XP will ... What does it mean "then use that account as cache credentials"? ... You could create a Domain user who has identical credentials ... as the local account on the XP machine. ...
    (microsoft.public.windows.server.active_directory)