----------------------------------------------------------- New Message on BDOTNET
----------------------------------------------------------- From: s_hashim Message 3 in Discussion Setting Persist Security Info to true or yes will allow security-sensitive information, including the userid and password, to be obtained from the connection after the connection has been opened. If you are supplying a userid and password when making a connection, you are most secure if that information is used to open the connection, and then discarded. As a result, your most secure option is to set Persist Security Info to false or no. This is especially important if you are supplying an open connection to an untrusted source or persisting connection information to disk. Keeping Persist Security Info as false ensures that the untrusted source does not have access to the security-sensitive information for your connection and also ensures that no security-sensitive information is persisted to disk with your connection string information. Persist Security Info is false by default. *********************************** Creating Connection Strings When you create a connection string to access SQL Server, you must include attributes that tell SQL Server that you are using Windows integrated security. To configure connection strings for Windows integrated security In any connection string for SQL Server, include the attribute Trusted_Connection=Yes and remove the username and password attributes. The following shows a typical connection string configured for Windows integrated security: "workstation id=WebServer1;packet size=4096; Trusted_Connection=Yes;data source=mySqlServers"; persist security info=False;initial catalog=northwind" Configuring SQL Server You must set up SQL Server to recognize the users who will be accessing it. To configure SQL Server for Windows integrated security >From the Windows Start menu, choose Microsoft SQL Server, and then choose Enterprise Manager. Open the node for the server and expand the node for the database you want to give users permissions for. Right-click the Users node and choose New Database User. In the Database User Properties dialog box, enter domain\username in the Login name box, and then click OK. Alternatively, configure the SQL Server to allow all domain users to access the database. ********** Keep Smiling, Regards. Sayad Hashim Ali Kazi Microsoft India Community Star. ************************ SQL Star International Ltd. SQL House, #13,Infocity,Madhapur, Hyderabad 500 081. Tel: +91-40-2310 1640(Off) +91-40-55683272(Resi) http://www.mugh.net http://sayadhashim.blogspot.com/ ************************ -----Original Message----- From: NellaiMurugan [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 20, 2004 9:53 AM To: BDOTNET Subject: Info need regarding SQLConnection Strings New Message on BDOTNET Info need regarding SQLConnection Strings Reply Reply to Sender Recommend Message 1 in Discussion From: NellaiMurugan What is difference between the followint two connection strings? "Data Source= TestK01\Factory;Database=FactoryDB; Integrated Security=SSP1" "Persist Security Info=False;Integrated Security=SSPI;database=northwind;server=mySQLServer" Can anyone explain? View other groups in this category. ----------------------------------------------------------- To stop getting this e-mail, or change how often it arrives, go to your E-mail Settings. http://groups.msn.com/bdotnet/_emailsettings.msnw Need help? If you've forgotten your password, please go to Passport Member Services. http://groups.msn.com/_passportredir.msnw?ppmprop=help For other questions or feedback, go to our Contact Us page. http://groups.msn.com/contact If you do not want to receive future e-mail from this MSN group, or if you received this message by mistake, please click the "Remove" link below. On the pre-addressed e-mail message that opens, simply click "Send". Your e-mail address will be deleted from this group's mailing list. mailto:[EMAIL PROTECTED]
