[英]SQL Server 2008 R2 disable login from Windows Authentication
I understand that the reason mixed mode allows login with Windows authentication is for security purposes. 我知道混合模式允许使用Windows身份验证登录的原因是出于安全目的。 My boss asked me to create a
setup.exe
that installs: 我的老板要求我创建一个
setup.exe
来安装:
The install is fully automated with limited user input. 只需有限的用户输入,安装即可完全自动化。 SQL Server and the SSMS are implemented with a config file.
SQL Server和SSMS是通过配置文件实现的。
sa
and serviceRXuser
(strong passwords) are SQL Server authentication logins. sa
和serviceRXuser
(强密码)是SQL Server身份验证登录名。
I don't want my clients to have access to our database, because editing drug data could be potentially life threatening. 我不希望我的客户访问我们的数据库,因为编辑药物数据可能会危及生命。 And yes, we have had clients alter things in our database... causing application errors that required re-installation.
是的,我们让客户端更改了数据库中的内容……导致了需要重新安装的应用程序错误。
Is there any way to, at least, limit access to keep end-users from editing the data? 至少有什么方法可以限制访问权限,以阻止最终用户编辑数据? Preferably a T-SQL command so I can keep automation.
最好是一个T-SQL命令,这样我就可以保持自动化。 If not, is there any way to hide the database?
如果没有,是否有任何隐藏数据库的方法?
first of all, don't share SA password (on any strong user password) with your clients :) 首先,不要与您的客户共享SA密码(使用任何强用户密码):)
Your app is running on client machines and coonnect to SQL via ODBC? 您的应用程序正在客户端计算机上运行,并通过ODBC连接到SQL吗?
hmmm.... it is hard, because the users can use Your ODBC connection from ACCESS and EXCEL too. hmmm...。这很困难,因为用户也可以从ACCESS和EXCEL使用您的ODBC连接。 Can you change Your app to don't use ODBC?
您可以将您的应用程序更改为不使用ODBC吗?
If You grant ONLY exec rights on stored procedures to serviceRXuser (don't need DB_DATAREADER or any other rights), then clients can't do anything, only what You can handle in SP-s. 如果您仅将存储过程的exec权限授予serviceRXuser (不需要DB_DATAREADER或任何其他权限),则客户端将无能为力,只有您可以在SP-s中处理的事情。 You can send an encoded parameter to every SP, and decode is wrong, raise any random error SQL ;) Users can't create this encoding from excel/access ;)
您可以将编码的参数发送到每个SP,并且解码错误,并引发任何随机错误SQL;)用户无法从excel / access创建此编码;)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.