- When I create a new data source to SQL Server through ODBC on a client workstation, two options in "Create a new Data Source to SQL Server" box: 1. with Windows authentication, 2. with SQL Server authentication, which option should I select in that box?
- If I select Windows authentication in that box, what are the advantages and disadvantages? If I select SQL Server authentication, then I need to create over 800 users on the SQL Server machine, is that correct?
The basic answer is if you are in a Windows domain and have no restrictions, then set the SQL Server to use Windows Only. This allows you to manage all of your users in one place, the domain. The passwords exist once, have expirations, password strength can be enforced, and accounts locked out on failed login. This also allows you to place users into Windows groups based on data access, grant access to SQL Server to those groups, and then grant appropriate access on objects to those groups. This gets you away from having to define permissions for each individual user.
For More Information
- Dozens more answers to tough SQL Server questions from Michael Hotek are available here.
- The Best Microsoft SQL Server Web Links: tips, tutorials, scripts, and more.
- The Best SQL Web Links
- Have a SQL Server tip to offer your fellow DBAs and developers? The best tips submitted will receive a cool prize. Submit your tip today!
- Ask your technical SQL Server questions -- or help out your peers by answering them -- in our live discussion forums.
- Ask the Experts yourself: Our SQL, database design, Oracle, SQL Server, DB2, metadata, object-oriented and data warehousing gurus are waiting to answer your toughest questions.
This was first published in March 2003