Establish Mixed-Mode Authentication

Thiết lập 11,4 Mixed-Mode Authentication Các thay thế cho chứng thực Windows NT/2000 là hỗn hợp chế độ xác thực. Trong sự sắp xếp này, người dùng được chứng thực đầu tiên của Windows, và một lần nữa chứng thực của SQL Server như ông cố gắng để truy cập cơ sở dữ liệu.
Nội dung trích xuất từ tài liệu:
Establish Mixed-Mode Authentication 11.4 Establish Mixed-Mode AuthenticationThe alternative to Windows NT/2000 authentication is mixed-mode authentication. Inthis arrangement, a user is first authenticated by Windows, and is again authenticated bySQL Server as he tries to access a database. Mixed-mode is the only authentication forusers who are working on Windows 98 computers or Macintoshes, Unix, and other non-Windows machines.My network includes a number of non-Windows computers, such as Apple Macintoshes.In addition, several users are working from Windows 98 computers. I discovered thatthese users are unable to access the SQL Server databases that I created. It appears thatmixed-mode authentication might be the only way for these users to access SQL Server.TechniqueAgain, Enterprise Manager provides the dialog boxes that are necessary to set mixed-mode authentication. After mixed-mode is set, users must first log in to Windows (or, atleast, access the SQL Server machine from a Windows network) and then provide ausername and password to SQL Server before using a database.StepsIn mixed-mode authentication, the user first logs into Microsoft Windows and then intoSQL Server. At each step, the users credentials are authenticated.Mixed-mode authentication means that SQL Server keeps a record of users who areallowed to log in to SQL Server. It matches their password with the password that isstored with their user record.SQL Server stores the users login information in a system table named syslogins in themaster database. This table includes an encrypted security ID (SID) and the usersencrypted password. The other information that is stored in the syslogins table isdiscussed in the next two sections. 1. Use Start, Programs, Microsoft SQL Server, Enterprise Manager to open Enterprise Manager. 2. Open the SQL Server group and right-click on the server you want to configure. 3. Select Properties from the context menu that appears. (The Properties command should be highlighted in the context menu.) 4. Select the Security tab. 5. Select SQL Server and Windows (for Windows 2000 and NT, SQL Server and Windows NT is displayed) from the authentication options near the top of the Security tab (see Figure 11.9). Figure 11.9. Setting mixed-mode authentication is similar to setting Windows NT/2000 authentication. 6. Click the OK button to complete the process and close the Properties dialog box.CommentsAlthough it might sound bothersome to provide two passwords before accessing SQLServer, most often the SQL Server password is provided by the front-end application withwhich the user is working. Users rarely, if ever, actually open Enterprise Manager orQuery Analyzer and directly access the data in SQL Server databases. Instead, theyll usefront-end applications that are written in Visual Basic, Access, or another database tool.Most often, the user opens the application and the application passes the users identityand password to SQL Server as the database connection is made.Although mixed-mode authentication might be more of a hassle to your users, it results inconsiderably better security for your database. Just because a user is able to access yournetwork by using mixed-mode authentication does not mean that he is able to access SQLServer. The paradox is that some users might write down their network or SQL Serverpassword in a location where unauthorized people can see it. However, the same could besaid of any security system, and such security breaches must always be avoided.