Re: ODBC vs OLEDB - Is there a real differnece?

From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 03/25/04

  • Next message: Eddie Simons: "Access 97 and MDAC 2.6" 
    Date: Thu, 25 Mar 2004 12:31:35 +1100

    He did say that he was already using the IUSR account through ODBC, which
    implies that IUSR must either be connecting to a local resource, or have
    some kind of permissions to network resources. I suppose I should have made
    my assumption of that implication clear. Sorry for any confusion.

    Cheers
    Ken

    "Bob Barrows" <reb01501@NOyahoo.SPAMcom> wrote in message
    news:eOoMReZEEHA.3384@TK2MSFTNGP12.phx.gbl...
    : Of course, using integrated security requires that IUSR be made a domain
    : account if the SQL Server is on another machine on the network ...
    :
    : Ken Schaefer wrote:
    : > a) To get to ODBC you now need to go through an OLEDB Provider (the
    : > OLEDB Provider for ODBC Drivers)
    : >
    : > b) I don't understand what you're talking about with respect to
    : > "passwords in clear text". Clear text where? If you want to connect
    : > to the SQL Server using the IUSR_<machinename> account you use
    : > "Integrated Windows Security" to connect to the SQL Server. There's
    : > no need to store the password anywhere yourself:
    : >
    : > strConnect = _
    : > "Provider=SQLOLEDB;" & _
    : > "Data Source=<servername>;" & _
    : > "Initial Catalog=<databasename>;" & _
    : > "Integrated Security=SSPI;"
    : >
    : > Cheers
    : > Ken
    : >
    : > "John Hoge" <jhoge123@yahoo.com> wrote in message
    : > news:d0f2d316.0403231712.69123f33@posting.google.com...
    : >> I've been told that OLEDB is a faster way to get to a SQL Server
    : >> database from ADO than to use ODBC. My paranoid streak prevents me
    : >> from putting a password in cleartext on my web server. Given the
    : >> number of source revelation exploits I've read about, I would rather
    : >> not do this and just use the IUSR account through the ODBC driver.
    : >>
    : >> Any thoughts on the issue?
    :
    :
    :
    : --
    : Microsoft MVP - ASP/ASP.NET
    : Please reply to the newsgroup. This email account is my spam trap so I
    : don't check it very often. If you must reply off-line, then remove the
    : "NO SPAM"
    :
    :

  • Next message: Eddie Simons: "Access 97 and MDAC 2.6"

    Relevant Pages

    • Re: asp/xml security problem in IIS
      ... > 1) Use a domain account as anonymous user (the IUSR account is completely ... > configurable) and give this domain account rights in SQL Server. ... >> is used to access the database] has changed either on the web server ...
      (microsoft.public.inetserver.iis.security)
    • Re: slow iis 6.0 performance
      ... I set the identity of the application pool to a domain user account. ... >> imagine a server farm. ... > each other, so in SQL server, you can expect the IUSR account to be the ... > IUSR account might suck performance. ...
      (microsoft.public.inetserver.iis)
    • Re: W2K/WMI service (WinMgmt.exe) accessing an ODBC connection
      ... credential to be used if those are for a SQL account. ... > The problem I have now is in modifying the ODBC connection. ... >> Starting Win2000, the machine accounts are security principals, ...
      (microsoft.public.win32.programmer.wmi)
    • Re: W2K/WMI service (WinMgmt.exe) accessing an ODBC connection
      ... credential to be used if those are for a SQL account. ... > The problem I have now is in modifying the ODBC connection. ... >> Starting Win2000, the machine accounts are security principals, ...
      (microsoft.public.windows.server.security)
    • Re: Unable to connect to DSN
      ... > I finally got tired of dealing with it, so I just used ODBC. ... why do you like OLEDB better? ... There is a great deal of difference: There are two libraries involved when ... I am only using my sa account on my lab rat machine. ...
      (microsoft.public.inetserver.asp.general)