堆栈内存溢出
  简体   繁体   English

MSSQL 连接字符串 - Windows 使用另一组凭据进行身份验证

[英]MSSQL connection string - Windows Authentication using another set of credentials

 原文  2012-04-11 02:35:31       python/ sql-server/ windows/ authentication/ odbc

问题描述

It doesn't seem possible to craft a connection string so that you can open a connection to a mssql server using another user's windows credentials.似乎无法制作连接字符串,以便您可以使用其他用户的 windows 凭据打开与 mssql 服务器的连接。 It appears you are limited to specifying either a sql server account, or specifying no creds at all which passes along the current set being used on the domain.看来您仅限于指定 sql 服务器帐户,或者根本不指定任何信用,这些信用会传递域上正在使用的当前集合。

What workarounds are effective ways to circumvent this restriction?哪些变通办法是规避此限制的有效方法?

A bit of background:一点背景:
The company I'm deploying at would like to set up windows credentials for each application accessing the shared databases.我正在部署的公司想为访问共享数据库的每个应用程序设置 windows 凭据。 This works well for daemon-like background tasks, but it seems a bit complicated for desktop applications.这对于类似守护进程的后台任务很有效,但对于桌面应用程序来说似乎有点复杂。

I've been asked to NOT pass the users creds to the database, but instead pass a set of windows creds reserved for the application itself... not sql server credentials, but an account on the domain for the application.我被要求不要将用户凭据传递到数据库,而是传递一组为应用程序本身保留的 windows 凭据...不是 sql 服务器凭据,而是应用程序域上的帐户。

I've been contemplating using Runas to launch the application (written in Python) using this application windows account.我一直在考虑使用Runas使用此应用程序 windows 帐户启动应用程序(用 Python 编写)。

Perhaps someone out there can suggest a better way?也许有人可以提出更好的方法?

2 个解决方案

解决方案1
 1 已采纳  2012-04-11 03:19:17

You could set up a domain group (active directory) for the application, then assign specific domain users to be in that group.您可以为应用程序设置一个域组(活动目录),然后将特定的域用户分配到该组中。 The I suppose you could grant privileges to the database for that group.我想您可以为该组授予数据库权限。

This would allow specific permissions to be controlled for the group.这将允许为组控制特定权限。

Just a suggestion, I hope it helps.只是一个建议,希望对你有帮助。 Good luck!祝你好运!

解决方案2
 1  2012-04-11 14:12:15

There is no way to, in the connection string, specify an alternative set of Windows credentials.无法在连接字符串中指定另一组 Windows 凭据。 Your instinct about runas is spot on.你对 runas 的直觉是正确的。 I often use that to launch SSMS when connecting to a different domain than my laptop is on.当连接到与笔记本电脑所在的域不同的域时,我经常使用它来启动 SSMS。 Good luck!祝你好运!

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用 Windows 身份验证将 Django 连接到 MSSQL - How to connect Django to MSSQL with Windows Authentication 使用 turbodbc 连接到 MSSQL 时出错 - Errors on connection to MSSQL using turbodbc 使用来自 IIS7 的 Windows 身份验证通过 django-pyodbc 对 MSSQL 进行身份验证 - Authenticating MSSQL through django-pyodbc using Windows Authentication from IIS7 在多种功能中使用身份验证凭据 - Using authentication credentials in multiple functions 如何使用python使用mssql+pyodbc连接字符串创建和删除数据库 - How to create and delete database using mssql+pyodbc connection string using python 使用SQLAlchemy在Azure上的MSSQL“对等连接重置” - MSSQL “connection reset by peer” on Azure using SQLAlchemy 使用Cognito凭证的AWS IOT连接 - AWS IOT connection using Cognito credentials 如何使用 GitPython 跳过 Windows 凭据管理器 - How to skip Windows Credentials Manager using GitPython pyodbc 连接字符串 sql 服务器身份验证 - pyodbc connection string sql server authentication Postgresql 身份验证失败,来自 Python 连接字符串 - Postgresql Authentication Failing from Python Connection String
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM