| Author |
Topic |
|
DatabaseStudent
Yak Posting Veteran
71 Posts |
 Posted - 2014-12-07 : 17:19:03
|
| I have SQL Server 2012 that is set to Windows Authentication. I have an admin access to my account and I also want to have a program write to my database. When I tried to create a new login for it in Management Studio, I am getting a 15407 error. May I please get some advice from an experienced DBA on this? I want to make sure my database is secure and want the program to be able to only write and get into a specific database and not have access to everything. |
|
|
ahmeds08
Aged Yak Warrior
737 Posts |
Posted - 2014-12-09 : 07:57:07
|
| is it a windows login that you are trying to create?Javeed Ahmedhttps://www.linkedin.com/pub/javeed-ahmed/25/5b/95 |
 |
|
|
DatabaseStudent
Yak Posting Veteran
71 Posts |
Posted - 2014-12-09 : 09:59:36
|
| A new login for SQL Server 2012 with Windows Authentication. |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2014-12-09 : 12:38:15
|
| Please post the text of the error message, the entire string including the error number and other numbers that appear. We need the entire thing.Tara KizerSQL Server MVP since 2007http://weblogs.sqlteam.com/tarad/ |
|
|
|
DatabaseStudent
Yak Posting Veteran
71 Posts |
|
|
ahmeds08
Aged Yak Warrior
737 Posts |
Posted - 2014-12-10 : 02:23:21
|
| you need to mention the complete name as it says in the above message <Domain\MyLogin>Do you have a windows user with name MyLogin?Javeed Ahmedhttps://www.linkedin.com/pub/javeed-ahmed/25/5b/95 |
|
|
|
DatabaseStudent
Yak Posting Veteran
71 Posts |
Posted - 2014-12-10 : 13:09:21
|
| No, I substituted MyLogin for the real name. I don't have a windows account for the real name. I just have my own windows account. |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2014-12-10 : 13:15:27
|
| I'm confused. You are trying to add a Windows account to the SQL Server, but the account doesn't exist in Active Directory or on the local database server?Tara KizerSQL Server MVP since 2007http://weblogs.sqlteam.com/tarad/ |
|
|
|
DatabaseStudent
Yak Posting Veteran
71 Posts |
Posted - 2014-12-10 : 15:18:56
|
| I am trying to add a login for the database that isn't my own for software use. So if SoftwareABC is being used to read/write data, I can tell it to only read/write data for DatabaseABC.I am right clicking on Security on the server, selecting New Login, and then setting the default Database to DatabaseABC. Then I get the error. Doing it similar to this video except Windows Authentication: https://www.youtube.com/watch?v=tqKrvwdCczoI am not sure about some of the jargon you are using. |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2014-12-10 : 15:20:29
|
| It doesn't sound like you have created the login in Windows (either locally or in the domain). You'll need to create it in Windows first if you intend to use Windows authentication.Tara KizerSQL Server MVP since 2007http://weblogs.sqlteam.com/tarad/ |
|
|
|
DatabaseStudent
Yak Posting Veteran
71 Posts |
Posted - 2014-12-10 : 15:34:37
|
| Is Windows Auth possible if I want to be loggedin as myself on Windows but have software logged in as a different user with Windows Auth on the server/database? |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2014-12-10 : 15:36:24
|
| Yes, but it'll depend on how things are setup. If it's a service, then you can change the credentials to a different logon. It really depends on your application. You can use the "run as" option I suppose too. Tara KizerSQL Server MVP since 2007http://weblogs.sqlteam.com/tarad/ |
|
|
|
DatabaseStudent
Yak Posting Veteran
71 Posts |
Posted - 2014-12-10 : 15:46:56
|
| It is a windows application. Change the credentials for what?I don't know if you are talking about Windows, SQL Server 2012, or my software. I just want Windows Auth for login ABC to work with softwareABC to login into Server 2012 and only have access to DatabaseABC to read/write. My server is on my pc. |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2014-12-10 : 15:52:54
|
| It seems you are missing some fundamental knowledge about security. Credentials are just userid/password.Windows authentication uses the current security context. For a Windows application, that would be the person logged onto the computer. That's you in this case. I am not sure if "run as" will work, but you could give it a try. Otherwise, you'll need to use SQL authentication. Tara KizerSQL Server MVP since 2007http://weblogs.sqlteam.com/tarad/ |
|
|
|
DatabaseStudent
Yak Posting Veteran
71 Posts |
Posted - 2014-12-10 : 16:01:16
|
| From what I read, Windows Auth is the recommended best practice for security. If software is using my login, couldn't it access other tables outside of the ones I want to limit it to? SQL login would make security more vulnerable so I was looking to avoid that. |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2014-12-10 : 16:02:56
|
| Yes Windows authentication is the best practice for access to SQL Server. Like I said, try "run as" option so that it doesn't use your logon due to current security context.But first you need to create the login in Windows. Then you add it to SQL Server. Then you can test "run as" option.Tara KizerSQL Server MVP since 2007http://weblogs.sqlteam.com/tarad/ |
|
|
|
DatabaseStudent
Yak Posting Veteran
71 Posts |
Posted - 2014-12-10 : 17:10:30
|
| Thank you very much. I will give that a shot tonight and report back if it worked or not. |
|
|
|
|
New DBA Questions