Re: SQL Server Express
- From: Ken Allen <kendrhyd@xxxxxxxxxxxx>
- Date: Mon, 06 Feb 2006 11:54:35 -0500
Andrea Montanari wrote:
hi Ken,<snipped />
Ken Allen wrote:
you can get the full documentatiom, BOL , from http://www.microsoft.com/downloads/details.aspx?FamilyID=BE6A2C5D-00DF-4220-B133-29C1E0B6585F&displaylang=enThanks. This helps.
<snipped />
SQLExpress installs by only allowing trusted connections, thus you have to manual re-enable at instal time or later, perhaps accessing via SSMSE (http://www.microsoft.com/downloads/details.aspx?FamilyID=82AFBD59-57A4-455E-A2D6-1D4C98D40F6E&displaylang=en) the "properties" of the running instance, selecting the "Security tab" (ok, it's no longer a tab, but I hope you understand :D) and enabling "SQL Server and Windows authentication mode"..OK, I can do this on my local system and it works.
access then the "Security" node, "logins", select "sa" login (which is there) and accessing it's "properties" enable it in the "Status" tab (again, it's no longer a tab :D)
I am not using user instances, so that is not the problem.
I have a series of questions, and if anyone can answer some or all of
these, I would be most appreciative.
1. How can I disable Windows users from connecting to or accessing
specific SQL Express databases, but permitting free access to others?
in the "Security" node, "logins", you can see all the registered logins, both Windows accounts/groups, and SQL Server standard logins...
I do only have BUILTIN\Administrators, "sa", NT AUTHORITY\System
if you have further, like BUILTIN\Users, this imply all your local users will be able to connect to your instance.. they have then to be granted access to each database via a database user (and I think I already pointed out that story)..
but are you perhaps using "User Instances"?
if this is the case, then everyone who executes your application will be able to access the referenced database(s) as "user instances" ( or RANU :D) are designed that way..
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsse/html/sqlexpuserinst.asp
I am able to create the database, add the specific logins, define a database user for each of the logins, and assign the default schema to the database users, and then define the schema, and this is working.
I then establish a connection using the new login that is to control the schema, and I add all of the tables and perform initial population, and this is working.
I can connect to the database using the new login that is to access the contents and I can create/update/delete/select data records, but I cannot create or delete tables, as expected.
However, I can login as any Windows user and access and manipulate the schema itself, as well as the database contents!
I cannot always control the installation of SQL Express. When my application is to be installed, I can require that it be present, bu tif it is already present, than I am stuck with the client installation factors.
--> Can I force the 'sa' user to be enabled and valid from code? Can I test for this somehow?
--> How can I prevent valid Windows users from accessing the contents of my database, or at least the schema, from my code alone?
<snipped />
.
- Follow-Ups:
- Re: SQL Server Express
- From: Roger Wolter[MSFT]
- Re: SQL Server Express
- References:
- SQL Server Express
- From: Ken Allen
- SQL Server Express
- Prev by Date: SQL Server Express
- Next by Date: Re: Error installing MSDE
- Previous by thread: SQL Server Express
- Next by thread: Re: SQL Server Express
- Index(es):
Relevant Pages
|
