.net sql server account database authentication question

Discussion:

Mark Aurit

2008-06-12 22:33:41 UTC

Im creating an asp.net/sql server app; Id prefer to use a sql server
account to maximize connection pooling, our security guy wants
integrated security. We've reached an agreement where I can use a
single account as long as its a domain account, but Ive been unable to
figure out how to do so (if its even possible). Im thinking I either
need to use integrated security but force sql server to use a single
account, or use a regular connection string, naming the domain account
and password with Integrated Security=false.
Does want I want to do sound possible?
Thanks, Mark

===================================
This list is hosted by DevelopMentor® http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com

Efran Cobisi, cobisi.com

2008-06-21 09:58:35 UTC

Permalink

Post by Mark Aurit
Id prefer to use a sql server
account to maximize connection pooling

It's actually the opposite. Using SQL Server accounts would minimize the
ability to pool connections, as you need different connections for each
account involved.

Post by Mark Aurit
We've reached an agreement where I can use a
single account as long as its a domain account, but Ive been unable to
figure out how to do so (if its even possible).

It is certainly possible to use a domain account to run your application
with, using a connection with integrated security to your SQL Server
data store.

Post by Mark Aurit
Im thinking I either
need to use integrated security but force sql server to use a single
account

Sure, just run your application using that account and impersonate it
within your connection, using integrated security as mentioned.

Post by Mark Aurit
, or use a regular connection string, naming the domain account
and password with Integrated Security=false.

This last approach is not feasable.

HTH

--
Efran Cobisi
http://www.cobisi.com

===================================
This list is hosted by DevelopMentor® http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com

Chris Anderson

2008-06-21 23:17:23 UTC

Permalink

Post by Mark Aurit
Im creating an asp.net/sql server app; Id prefer to use a sql server
account to maximize connection pooling, our security guy wants
integrated security. We've reached an agreement where I can use a
single account as long as its a domain account, but Ive been unable to
figure out how to do so (if its even possible). Im thinking I either
need to use integrated security but force sql server to use a single
account, or use a regular connection string, naming the domain account
and password with Integrated Security=false.

You could either:
Set the account that ASP.NET uses (not great because it will affect all
ASP.NET applications), or use impersonation [1]

Now the problem is of course that you have to store the domain username
and password somewhere
(At least with a SQL Server user the account info would only allow
someone access to SQL Server and was so easier to lock down)

Chris

[1] http://msdn.microsoft.com/en-us/library/aa292118(VS.71).aspx

===================================
This list is hosted by DevelopMentor� http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com

Continue reading on narkive:

Search results for '.net sql server account database authentication question' (Questions and Answers)

replies

how to connect sql server 2005 to vb.net ?

started 2010-06-13 10:09:39 UTC

programming & design

replies

what is database managment system (DBMS)?

started 2006-06-22 01:26:44 UTC

programming & design

replies

can i get question answer of asp.net ?