Tuesday, February 14, 2012

Customizing Security

Hello,
I was wondering if its possible to have database user authenticate
against an external database or directory server? The client has a
centralized repository system that they would like all systems to
authenticate against. If this is feasible, can offer any suggestions
on how we can achieve this?
Thanks in advance
TomHi Tom,
Are you asking about central authentication using SQL Security or
Windows Authentication?
Thanks,
Kevin McDonnell
Microsoft Corporation
This posting is provided AS IS with no warranties, and confers no rights.|||I have a similar situation and need to plan for centralized security around
Windows/AD. Furthermore I need to leverage the AD groups/roles in the
architecture. ANy insite or direction would me appriciated.
"Kevin McDonnell [MSFT]" wrote:

> Hi Tom,
> Are you asking about central authentication using SQL Security or
> Windows Authentication?
> Thanks,
> Kevin McDonnell
> Microsoft Corporation
> This posting is provided AS IS with no warranties, and confers no rights.
>
>|||Previous post:
I have a similar situation and need to plan for centralized security around
Windows/AD. Furthermore I need to leverage the AD groups/roles in the
architecture. ANy insite or direction would me appriciated.
Reply;
We use Domain based groups or local groups to base our security on. We can
publish objects to
Active Directory, but our security is not tied to AD like Exchange 2000 for
example. We can authenticate via
Trusted Connections using NTLM or Kerberos. Kerberos based authentication
requires that the Server Principal Name is
set for SQL. See Books Online for the example.
Our Security Model is discussed here:
http://www.microsoft.com/technet/pr...n/sp3sec01.mspx
Thanks,
Kevin McDonnell
Microsoft Corporation
This posting is provided AS IS with no warranties, and confers no rights.

No comments:

Post a Comment