| Author |
Topic |
|
Sun Foster
Aged Yak Warrior
515 Posts |
 Posted - 2006-04-10 : 13:24:44
|
| Our company's SQL servers which running under windows 2003 used SQL-Windows mixed authentication mode. Do I need add sa and password in asp.net connection string?Do I need create aspnet account for asp.net app? |
|
|
Srinika
Master Smack Fu Yak Hacker
1378 Posts |
Posted - 2006-04-10 : 13:27:31
|
| U can use sa - but better not to.U may create users depending on ur requirements in SQL serverDepending on the applications, use those userskeep the sa for the DBA to deal with the DB.Srinika |
 |
|
|
Sun Foster
Aged Yak Warrior
515 Posts |
Posted - 2006-04-10 : 13:42:28
|
| After user login to domain, what account does user use to connect to SQL server? 1) user's domain account2) sa account3) aspnet account4) other |
|
|
|
rockmoose
SQL Natt Alfen
3279 Posts |
Posted - 2006-04-10 : 13:47:47
|
| No, create a sql-server login and give it access to the database(s) the app need to access.The login name will show up as a user in the database (unless you assign a database user name that is different from the login name).Grant appropriate permissions to this user (or assign the user to a database role, and grant permissions to the database role).There are some inbuilt database roles that might be appropriate, db_datareader for instance.You will need to pass the sql-server login and password in the connection string.We reserve the sa login for emergency, and store the really long password in a safe place.Administrators use other login names to access the server(s), or windows authentication if on the same domain.rockmoose |
|
|
|
Sun Foster
Aged Yak Warrior
515 Posts |
Posted - 2006-04-10 : 14:00:36
|
| This my app connection string which used sa.So, follow your way I should create a SQL account, for example, mySQL password: xxxxx, and replace sa?<add key="ConnectionString" value="data source=ORDER;initial catalog=NEW_ORDER;password=sa;persist security info=False;user id=sa;workstation id=CPU-TENOTEBOOK;packet size=4096" /><add key="ConnectionString" value="data source=ORDER;initial catalog=NEW_ORDER;password=xxxxx;persist security info=False;user id=mySQL;workstation id=CPU-TENOTEBOOK;packet size=4096" /> |
|
|
|
Srinika
Master Smack Fu Yak Hacker
1378 Posts |
Posted - 2006-04-10 : 14:04:54
|
| Sun Foster,Try to understand of the users in SQL and ASP.sa is the Super Administrator of SQL Server, generally, do not use it.Create a user with whatever ur requirements (eg. if u want one particular user for report viewing use a DB_reader)Also u can create ur own customised user with whatever privileges u may assign to itthen USE it in ASP.netIn ASP u don't create usersIn SQL server u create Users and used in ASP.NetU don't and (as far as I know u can't) replace the sa user.U can create a user with all admin rights. But sa is SUPER ADMIN (Means superior of all Admins)Srinika |
|
|
|
Sun Foster
Aged Yak Warrior
515 Posts |
Posted - 2006-04-10 : 14:43:07
|
| Srinika, You made me more clear. Thank you.Do I need to change "machine.config" as I found in forums?Under what situation, it need to be changed?The config file called "machine.config" in the .NET framework config directory must include these two rows:<authentication mode="Windows">...<identity impersonate="true" userName="" password=""/> |
|
|
|
Srinika
Master Smack Fu Yak Hacker
1378 Posts |
Posted - 2006-04-10 : 15:52:37
|
| As far as i knowU can work without any configuration file change.1. Create a User (login) with appropriate priviledges in the SQL server2. When u create connection object (ADO.Net), u have to supply the user name & passwordSrinika |
|
|
|
pootle_flump
1064 Posts |
Posted - 2006-04-10 : 19:32:27
|
| HiIf that is your genuine sa password you would be well advised to change it. I would imagine that it is in the top three password attempts a hacker will try (after blank and password). If someone malicious gets into your server with the sa account you are in a world of trouble. Notice Rockmoose's post - the sa account is rarely used, the password is strong and secured away.HTH |
|
|
|
|
Need sa account for asp.net?