SQL Server Security Question [Archive] - Glock Talk


View Full Version : SQL Server Security Question

01-31-2005, 13:02
I have better luck getting answers here than most all of the Tech. specific forums I visit, so here goes nuttin.

VB.NET program connecting to SQL Server via SSPI (NT Security).

1 All users must be on a "secure" subnet to be able to access the Server through the firewall.
2 SQL Server is using security account info. from domain SE
3 There can be NO (Zero, zip, zilch, nada) Trust relationships to other domains
4 Cannot use SQL Built in accounts

The Scenario:
99% of all person using application X will be logged on to the SE domain. Their account info. will be passed by the application via SQL connection to the SQL server which will then validate if they are allowed to access the data.

1% may be logged on to other domains or even the local machine (these users DO have accounts on the SE domain).

I can trap the error for bad credentials but I have no clue how to go back and allow that 1% to enter their SE credentials and pass them to the SQL server.

Anyone with thoughts on how to do this feel free to chip in.

I have already tried combining the 2 methods (didn't work)
"Integrated Security=SSPI;Persist Security Info=False;Data Source=MyServer;Initial Catalog=MyData;User ID=SE\Fred;Password=Dorfman"

01-31-2005, 13:28
try www.experts-exchange.com

Sign up for a free account and assign 100 points to your question.

I don't know a thing about SQL. ;)

01-31-2005, 17:06
Not A SQL guy


I Did not Sleep at a Holiday Inn Express

Not sure if this relates Link (http://www.developer.com/net/vb/print.php/1562531)

Check out Externalizing the Connection String

02-01-2005, 12:08
Problem solved - thanks for the input guys.
And for any SQL folks looking over this - look at impersonation *wink*