| Author |
Topic |
|
AnjiReddyK
Starting Member
5 Posts |
 Posted - 2005-05-20 : 03:24:17
|
| Hi,I want to protect my sql server data with enduser including the End User with Administrative rights. I don't want to expose my sql server data to any one. It is published only through my front end application. I have installed the Second Instance of SQL SERVER and I dumped my database into that Second Instance. even from second instance of sql server also through Windows Authentication mode the client is able to connect to the database. We are able to stop connecting through SQL Authentication but not with Windows authentication because he may have admin rights on his/her system. Is there any solution to stop connecting to the second instance from windows authentication? Please suggest me on that. Thanks & RegardsAnji Reddy |
|
|
kid_on_the_block
Posting Yak Master
172 Posts |
Posted - 2005-05-20 : 04:09:09
|
| It seems like you have selected the mixed mode to get access to SQL Server. Change that to only SQL authentication & then change the SA password , I dont think then anyone will have access to the Server |
 |
|
|
AnjiReddyK
Starting Member
5 Posts |
Posted - 2005-05-20 : 04:27:08
|
Hi Thank youBut we don't have only Sql Authentication mode.we have 2 options 1) Windows2) Mixed(Sql Server and windows)Thanks & RegardsAnji Reddyquote:
Originally posted by kid_on_the_block
It seems like you have selected the mixed mode to get access to SQL Server. Change that to only SQL authentication & then change the SA password , I dont think then anyone will have access to the Server
|
|
|
|
mr_mist
Grunnio
1870 Posts |
Posted - 2005-05-20 : 05:16:22
|
| If you want to prevent a user from logging in, then add that user's windows account to the logins and click "deny access". Bear in mind though that this will override any allowed access through other methods for that account.-------Moo. :) |
|
|
|
AnjiReddyK
Starting Member
5 Posts |
Posted - 2005-05-20 : 06:09:03
|
Hi mr_mist,I we cannot override the database administrators access rights and we need to prevent data even from database administrator.Thanks & RegardsAnji Reddyquote:
Originally posted by mr_mist
If you want to prevent a user from logging in, then add that user's windows account to the logins and click "deny access". Bear in mind though that this will override any allowed access through other methods for that account.-------Moo. :)
|
|
|
|
mr_mist
Grunnio
1870 Posts |
Posted - 2005-05-20 : 07:20:43
|
quote:
Originally posted by AnjiReddyK
Hi mr_mist,I we cannot override the database administrators access rights and we need to prevent data even from database administrator.
Clearly if you can't do it you can't do it. I'm not sure what you are asking in that case.-------Moo. :) |
|
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2005-05-20 : 07:22:02
|
| If you cannot trust your DBA with the database, then you need to find another DBA. The only other option you have (and it's not a good one) is to encrypt the sensitive data in your application before you insert it into the database. Saying the DBA cannot access the data is like saying you can't allow a doctor to examine you, because you have a wart or embarrassing birthmark. |
|
|
|
AnjiReddyK
Starting Member
5 Posts |
Posted - 2005-05-20 : 07:36:43
|
Hi Here my point is if my competetor buys my software and studied the database design completely and he can also implement the same functionality. My clent will sale this software to others and this is my client requirement but not ours.Thansk & RegardsAnji Reddyquote:
Originally posted by robvolk
If you cannot trust your DBA with the database, then you need to find another DBA. The only other option you have (and it's not a good one) is to encrypt the sensitive data in your application before you insert it into the database. Saying the DBA cannot access the data is like saying you can't allow a doctor to examine you, because you have a wart or embarrassing birthmark.
|
|
|
|
mr_mist
Grunnio
1870 Posts |
Posted - 2005-05-20 : 07:53:39
|
quote:
Originally posted by AnjiReddyK
Hi Here my point is if my competetor buys my software and studied the database design completely and he can also implement the same functionality.
..and if someone did that, then you could sue them.Anyway, if you are bothered, then your choices are either to encrypt your data and/or procedures, or to only allow your database to be used as part of a hosted and managed application.-------Moo. :) |
|
|
|
AnjiReddyK
Starting Member
5 Posts |
Posted - 2005-05-20 : 08:22:28
|
| HiI have the one more option going for column level encryption also.But it slows down the performance if we encrypted more number of columns.Thnaks & RegardsAnji Reddy |
|
|
|
|
How to disable sql server windows authentication