Controlling access to SQL Server

Results 1 to 3 of 3

Thread: Controlling access to SQL Server

  1. #1
    Scott Doughty Guest

    Default Controlling access to SQL Server

    IIS 4, SQL Server 7 SP2<BR>We&#039re using NT security on SQL Server, controlled by membership of local groups on the database machine. Using NT challenge/response on the intranet web server (separate machine). When a user tries to access data from SQL Server via the intranet I want the data they are allowed to see to be restricted by the right granted to them on the database server. I&#039ve tried setting up a system DSN on the web server and telling it to use NT security but this doesn&#039t work. Any ideas?<BR>Thanks for any help.

  2. #2 Guest

    Default RE: Controlling access to SQL Server

    I think that if you use DSN-less conection you could substitute the username and password of the currently authenticated client in your connection string parameters. <BR><BR>I hope this makes some sense, but I am not a SQL Server expert.

  3. #3
    Join Date
    Dec 1969

    Default RE: Controlling access to SQL Server

    Trouble is I don&#039t know the user passwords. The web server authenticates the user against the domain and I can access the user logon name from a session variable, but as far as I can see I cannot access the password at any point. I suppose I could ask the user to enter their password on the page but then it would be passed to the web server unencrypted, and anyway it is rather inelegant.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts