Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 SQL Server 2000 Forums
 SQL Server Administration (2000)
 SQL logins and the Windows audit logs

Author  Topic 

AskSQLTeam
Ask SQLTeam Question

0 Posts
Posted - 2005-06-30 : 07:47:03
Chas writes "I setup my sql server authentication for "SQL Server and Windows". This lets local domain users attach without the need for an addition username/password.

Users outside my Windows domain can connect using a SQL username/password.

I've noticed when an outside user connects to SQL Server the SQL server attempts to authenticate the user against the domain first which generates a Windows Security audit log entry. The user can connect, but the audit log entry is generated, causing us to have to look into "Login failures" problems.

How can you stop this bogus entry without stopping auditing ? The user was able to connect, he just connected using SQL username not Windows username."

KLang23
Posting Yak Master

115 Posts
Posted - 2005-07-01 : 14:26:59
How is the client managing connections?
Does it first attempt a Windows (trusted) authentication connection and then a SQL authentication if the first fails, or is this all happening in native Query Analyzer?

I haven't tested anything to disprove this in QA, but if the connection string is appropriate, an error shouldn't be logged.

Cheers.
Go to Top of Page

jen
Master Smack Fu Yak Hacker

4110 Posts
Posted - 2005-07-04 : 21:38:56
how do you log the entry, is this the logging event of sql server or customized?

if customized, review how things are logged
if native, check if the entry was successful or not, if you don't want to see successful connections, modify the security audit settings

--------------------
keeping it simple...
Go to Top of Page

derrickleggett
Pointy Haired Yak DBA

4184 Posts
Posted - 2005-07-04 : 23:39:40
You need to look at your data connection component. We have a lot of users connecting this way. It never shows them failing Windows Authentication first though.

MeanOldDBA
derrickleggett@hotmail.com

When life gives you a lemon, fire the DBA.
Go to Top of Page
   

Subscribe to SQLTeam.com

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -

Resources

Articles

Forums

Blogs

Contact Us

About the Site