Hello,
I am using a SQL Server (MSDE) db, currently configured to only accept
Windows-NT Authentication logins. This has worked well for a while -
much easier to administer. However I have a group of users that have
presented a special problem.
These users have valid logins under a valid Windows Domain ie
<Domain>\<user>. Unlike most users, however, they do not login to the
windows domain when they log into their machines (instead they login
to the local machine). In cases other than mine, when they access
applications/web services that require authentication to the said
windows domain, they are prompted for login credentials (ie
username=<domain>\<user> and password). They can then proceed to use
the application/web service.
With my SQL Server database, however, this does not happen. When they
attempt to login to my database, I am guessing that the server figures
out that they are not currently logged in to the windows domain, so
denies them access outright. They are given no opportunity to enter
their credentials. They are attempting to access the database using
data access pages / OWC10.
Is there any way that I can setup a connection string which allows me
to continue using Windows-NT Authentication, but will prompt users for
login credentials if they are not currently logged in to the required
Windows Domain?
Thanks heaps for your help.
Nick TompsonIt's been a while since I've worked with data access pages, but as I
recollect the connection is hard-wired into the page. What I think
you're going to have to do is to provide a login where they can join
the domain that is accredited with your SQL Server prior to loading
the page. I could be wrong about this -- you might want to post the
question in the microsoft.public.access.dataaccess.pages ng.
-- Mary
On 2 May 2004 23:48:13 -0700, ntompson@.utas.edu.au (Nick Tompson)
wrote:
>Hello,
>I am using a SQL Server (MSDE) db, currently configured to only accept
>Windows-NT Authentication logins. This has worked well for a while -
>much easier to administer. However I have a group of users that have
>presented a special problem.
>These users have valid logins under a valid Windows Domain ie
><Domain>\<user>. Unlike most users, however, they do not login to the
>windows domain when they log into their machines (instead they login
>to the local machine). In cases other than mine, when they access
>applications/web services that require authentication to the said
>windows domain, they are prompted for login credentials (ie
>username=<domain>\<user> and password). They can then proceed to use
>the application/web service.
>With my SQL Server database, however, this does not happen. When they
>attempt to login to my database, I am guessing that the server figures
>out that they are not currently logged in to the windows domain, so
>denies them access outright. They are given no opportunity to enter
>their credentials. They are attempting to access the database using
>data access pages / OWC10.
>Is there any way that I can setup a connection string which allows me
>to continue using Windows-NT Authentication, but will prompt users for
>login credentials if they are not currently logged in to the required
>Windows Domain?
>Thanks heaps for your help.
>Nick Tompson|||If the users log on to the local machine then that is the login tha SQL
Server expects. You can workaround this problem by creating a user account
on the SQL Server machine with the same name and password as the users who
are logging in and grant that login a login within SQL Server. This should
allow them to log in to SQL Server using the local machine account.
Outside of that I am not sure there is a way, unless you can get the IIS
anonymous login to be used by these users.
Rand
This posting is provided "as is" with no warranties and confers no rights.|||Thankyou both for your comments. I think that your solutions may work,
however, I am keen to stick with Windows-NT Authentication if I can, as
I do not want to have to manage usernames and passwords.
Any other ideas?
Thanks
Nick Tompson
*** Sent via Developersdex http://www.codecomments.com ***
Don't just participate in USENET...get rewarded for it!|||If you don't want to create mirrored local accounts, you might try having
the users map a drive to a share on the SQL Server using their domain
account. I believe SQL Server will use these security credentials for the
trusted connection.
Hope this helps.
Dan Guzman
SQL Server MVP
"Nick Tompson" <ntompson@.utas.edu.au> wrote in message
news:uOTSDsWMEHA.3012@.tk2msftngp13.phx.gbl...
> Thankyou both for your comments. I think that your solutions may work,
> however, I am keen to stick with Windows-NT Authentication if I can, as
> I do not want to have to manage usernames and passwords.
> Any other ideas?
> Thanks
> Nick Tompson
>
> *** Sent via Developersdex http://www.codecomments.com ***
> Don't just participate in USENET...get rewarded for it!
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment