Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
AskSQLTeam
Ask SQLTeam Question
0 Posts |
 Posted - 2003-05-22 : 08:08:49
|
| Yvonne writes "I have an application that maintains the securtiy for my SQL Server 2k database, nothing handled at the db level. It's a two tier login approach, db first, then application. Some of the legitimate users run their own SQL Servers and could just register this database in their enterprise manager, access the tables directly. (unaccceptable)I am looking for a way to lock down this database so it can only be accessed from the application itself. Can I do something at logon to limit the user from entering from a specific source?Thank you for your time." |
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2003-05-22 : 08:12:48
|
quote:
Yvonne writes "I have an application that maintains the securtiy for my SQL Server 2k database, nothing handled at the db level.
Well, you cannot fully secure a SQL Server unless you utilize its security features. I'm interested in knowing how they can register the SQL Server on their local machine and access it...they need a login to do that, which login are they using?There might be a method that kills any connections made outside of your application, but it takes a fair amount of work and can't prevent them from connecting, it can only kill them after they connect. If you want to control logins properly you have to configure them in SQL Server. |
 |
|
|
|
|
|
Session Level Security