Re: Windows versus Application Security

Actually the only purpose of this is to capture who does what in the
application. There are already various status tables the capture who does
what but is based on the windows login right which does not identify the
actual individual. For example:

When an order is placed, an entry is made into the OrderStatus table which
contains the Order_ID, Status (in this case -- Placed), date, and user
identification.

We most likely will continue to use their built in windows identity to
control access to the database. So when Willy Wonka logins into his work
station he logins as PCUser. But when he opens the application, he must
login as Willy Wonka and that identity must be passed around for the purpose
of recording entries in these status tables.

WR



"Patrice" wrote:

Another option could be to use roaming profiles
http://support.microsoft.com/kb/243420/en-us allowing the profile to be
always available and allowing deletion server side...
Looks like more a question for an admin group...

I'm not sure for the other part what you are trying to do ? Do you have a
SQL Server 2000 application that doesn't relate to this or do you mean you
could have to create one to workaround this profile issue ?

--
Patrice

"WhiskyRomeo" <WhiskyRomeo@xxxxxxxxxxxxxxxxxxxxxxxxx> a écrit dans le
message de news: 3CC25F36-6451-46AD-8DBF-90B598C06C7C@xxxxxxxxxxxxxxxx
I have a client that wants me to set up security for an windows .NET
application using SQL Server 2000 as the DBMS. Currently we use the built
in
Windows security to define login and access to the database.

The problem is that there is a lot of turnover and users work at multiple
XP
workstations. So everyone logins under a common user name and password.

Creating, managing and removing windows domain accounts are not the
problem.
The problem is that every time a new user logs on an XP workstation, that
user's folder structure is created on that machine. So, event though
individual windows accounts are manageable, having to go through each
workstation and clear out the users folders when they leave is not
manageable
-- not to mention the waste of disk space.

Is there a way to prevent XP from creating the individual user's folder
structure for each user?

If I must create an application login system, what is the best way to do
this? That is how do I pass the identity of the user from one form to
another?


WR



.

Relevant Pages

  • RE: Password never set - locked out of Windows XP Home
    ... Ran fixboot last night, and although the system said it had fixed the boot ... I am still stuck in the redundant loop of getting to a pop-up login ... only to not have it shutdown but instead pop back up with the same login box. ... my Windows XP Home system worked great. ...
    (microsoft.public.windowsxp.accessibility)
  • Re: sp_revoke login is not working as expected.
    ... EXEC xp_logininfo 'MyDomain\SomeUserAccount','members' ... Try specifying a group member rather than the group. ... This should list the Windows groups the user can connect with. ... connect with the non-existing login. ...
    (microsoft.public.sqlserver.security)
  • Re: Windows 98 getting stuck logging into a W2K3 domain.
    ... > workaround I've turned off Windows 98's ability in Client for MS ... > login stating that the domain can not be found, ... > Client for MS networks does the password validation. ...
    (microsoft.public.win2000.general)
  • RE: How to create a trusted connection
    ... You need to grant access for the Windows login by referring to the books ... is set to use Windows authentication to be able to do trusted connection. ... There are two modes of authentication in SQL Server: ...
    (microsoft.public.sqlserver.security)
  • Re: ASP security (anonymouse vs integrated) problem...
    ... displays a login page and requests a username/password combination. ... they have already logged-on to windows. ... redirect to the standard login page for the username/password combination. ...
    (microsoft.public.inetserver.asp.general)