First English is not my native language, so this question can be answered somewhere else or may be duplicated, i tried to Google it, but i didn't find the proper way to describe my need so thank you for understanding.
i have two application (Server/Clients), The database is in the Server machine, and the Client application will just connect to the Database using Sql Server, I'm using EF, my question :
when i wanted to add Data Server, in the wizard it asks for SQL Authentication user :
I'm not sure, but i don't think i should use the "sa" account right !? can somebody confirm that to me please, and suggest me the right approach to do that ! thank you so much.
No, never use SA. Make a user for the server to use and givce it the needed rights. It is quite normal to have application specific logins on a database server.
I'm in the process of converting an old application to work with SQL Server instead of hundreds of Paradox DB files.
I'm using ODBC and most of the stuff is working.
However I do have a problem.
In some forms, is asking for password. I've double checked the TDatabase and TTable components, added USER NAME=sa and PASSWORD=****** to the Parameters and turned OFF the LoginPrompt
What's missing?
Is there any other way to initialize just once all the 5 databases and don't ever ask for password again?!
I've checked other questions here at StackOverflow, but didn't find a suitable one :(
Thank you
You can use SQL Server "Windows Authentication" mode. You can assign the database permissions to a Windows Domain group/groups or individual Windows users. In this case the users will be automatically authenticated to the databases without prompts.
I've been asked to find out why a program is failing. I've traced it to a SQL stored procedure. The program passes in the name of a file that the st. proc. presumably tries to read.
However, the SQL server is returning an error indicating that it cannot access the file because access is denied.
My connection string says Integrated Security=SSPI;. I know for sure that the account that I'm logged in with to run the program has access to the file.
How can I find out for sure what user account the SQL server is using to access the file?
The Windows Process Monitor is a good place to start.
http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx
Out of interest what version of SQL, are we talking CLR or just plain ol' sprocs?
It will be using the SQL Server service account to access the file system.
You can look at this article. User USER_NAME to get the SQL Username for the logged in user.
However, it sounds like the problem might be permissions with the FILE, not with the DB. You'll want to check that the appropraite permissions are set on the File and Directory as well as on the DB.
As part of my university coursework, I was asked to design and create an HCI for a shop. Part of it is to connect Delphi 7 to MS Access and run SQL queries. I have the database connected to Delphi, but when I run the program and enter the query it prompts me to enter a username and password to access the database. Does anyone have any ideas on what's going on? I am stumped for ideas!
Any help is greatly appreciated!
Andy
Simple solution, the LoginPrompt to FALSE on your TAdoDatabase component. Make sure that your query object then is linked to the database component.
One of the things that puzzles many people is the way Jet user-level security works. When you are running Access, you are logging on whether you know it or not. If you see no username/password prompt when you open an MDB, you are logging on as the ADMIN users with no password.
Thus, to open any Jet MDB, you need to provide a valid username/password pair. If you have not set a password on the admin account, you still need to provide the admin username with no password.
You need to set the LoginPrompt property to True, but also implement the OnLogin event. In that event, set username (and if available password) of the LoginParams parameter of the event.
So basically I'm building an app for my company and it NEEDS to be built using MS Access and it needs to be built on SQL Server.
I've drawn up most of the plans but am having a hard time figuring out a way to handle the auditing system.
Since it is being used internally only and you won't even be able to touch the db from outside the building we are not using a login system as the program will only be used once a user has already logged in to our internal network via Active Directory. Knowing this, we're using a system to detect automatically the name of the Active Directory user and with their permissions in one of the DB tables, deciding what they can or cannot do.
So the actual audit table will have 3 columns (this design may change but for this question it doesn't matter); who (Active Directory User), when (time of addition/deletion/edit), what (what was changed)
My question is how should I be handling this. Ideally I know I should be using a trigger so that it is impossible for the database to be updated without an audit being logged, however I don't know how I could grab the Active Directory User that way. An alternate would be to code it directly into the Access source so that whenever something changes I run an INSERT statement. Obviously that is flawed because if something happens to Access or the database is touched by something else then it will not log the audit.
Any advice, examples or articles that may help me would be greatly appreciated!
Does this work for you?
select user_name(),suser_sname()
Doh! I forgot to escape my code.
Ok, it's working here. I'm seeing my windows credentials when I update my tables. So, I bet we missed a step. Let me put together a 1,2,3 sequence of what I did and maybe we can track down where this is breaking for you.
Create a new MSAccess database (empty)
Click on the tables section
Select external data
Pick ODBC database
Pick Link to the datasource by creating a linked table
Select Machine datasource
Pick New...
System Datasource
Pick SQL Server from the list and click Next, Finish.
Give the new datasource a name and description, and select (local) for the server. Click Next.
Pick "With Windows NT authentication using the network login ID". Click Next.
Check Change the default database to, and pick the DB. Click Next. Click Finish.
Test the datasource.
Pick the table that the Trigger is associated with and click OK.
Open the table in Access and modify one of the entries (the trigger doesn't fire on Insert, just Update)
Select * from your audit table
If you specify SSPI in your connection string to Sql, I think your Windows credentials are provided.
I tried playing with Access a bit to see if I could find a way for you. I think you can specify a new datasource to your SQL table, and select Windows NT Authentication as your connection type.
Sure :)
There should be a section in Access called "External Data" (I'm running a new version of Access, so the menu choice might be different).
Form this there should be an option to specify an ODBC connection.
I get an option to Link to the datasource by creating a linked table.
I then created a Machine datasource. I selected SqlServer from the drop down list. Then when I click Next, I'm prompted for how I want to authenticate.
CREATE TRIGGER testtrigger1
ON testdatatable
AFTER update
AS
BEGIN
INSERT INTO testtable (datecol,usercol1,usercol2) VALUES (getdate(),user_name(),suser_sname());
END
GO
We also have a database system that is used exclusively within the organisation and use Window NT logins. This function returns the current users login name:
CREATE FUNCTION dbo.UserName() RETURNS varchar(50)
AS
BEGIN
RETURN (SELECT nt_username FROM master.dbo.sysprocesses WHERE spid = ##SPID)
END
You can use this function in your triggers.
It should be
select user name(),suser sname()
replace spaces with underscores
you need to connect with integrated security aka trusted connection see (http://www.connectionstrings.com/?carrier=sqlserver)
How many users of the app will there be? Is there possibility of using windows integrated authentication for SQL authentication?
Updated: If you can give each user a SQL login (windows integrated) then you can pickup the logged on user using the SYSTEM_USER function.
My solution would be not to let Access modify the data with linked tables.
I would only create the UI in Access and create an ADO connection to the server using windows authenticated in the connection string. Compile you Access application as dbe to protect the VB code.
I would not issue SQL statement, but I would call stored procedures to perform the changes in the database, and create the audit log entry in an atomic transaction.
The UI (Access) does not need to know the inner works on the server. All it needs to do is request and update/insert/delete using the stored procedures you would create for this purpose. The server should handle the work.
Retrieve a record set with ADO using a view with the hint NOLOCK implemented in the server and cache this data in Access for local display. Or retrieve a single record and lock only that row for editing.
Using linked tables your users will be locking each other.
With ADO connections you will not have the trouble to set ODBCs on every single client.
Create a table to set the server status. You application will check it before any action. you can use it to close the server to the application in case that you need to perform changes or maintenance.
Access is a great tool. But it should only handle its local data and not be allowed to mess with the precious server.