June 3, 2012 at 10:22 pm
[font="Courier New"]
I did not password protect the sql server but used windows authentication on login.
Now i want to know how to password protect the database if that is how it works.
When i connectto server using MS SQL Server Management Studio 08 i can see all tables and databases...
Can i hide some of them from all users except for 5 users?
I'm new and will need some advice,please help.
Thanks in advance[/font]
June 4, 2012 at 5:47 am
Generally, integrated security, Windows security, is considered to be the better approach. You can use a login and a password. That's called SQL Server security. But I wouldn't suggest it. Instead, to secure the database in the manner you suggest, work with your system admin to create an AD group. Add those users to that group. Then, create a login on the server for that group and a user on the database for that login. My approach is to use a role on the database to set up security. You can then add the database user to that role and everything should be good to go.
Just look up in msdn.com each of the terms above that you don't understand. It's pretty straightforward stuff.
"The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood"
- Theodore Roosevelt
Author of:
SQL Server Execution Plans
SQL Server Query Performance Tuning
June 4, 2012 at 8:19 am
Grant has good ideas.
By default you don't get access to any tables or objects in a database without being granted them. So only grant what you want users to have.
Use roles.
Always.
June 4, 2012 at 10:07 am
[font="Courier New"]So can i take as we normally do not protect database within the SQL Server seperately but give required permission like -read, -read & update, -Others to users.
I was comparing this scenario with ms access database where i use to protect database and allow users to connect to database using the frontend only..
[/font]
June 4, 2012 at 10:13 am
You cannot prevent people from connecting to Access with another front end either. Once they know the password, same as a login in SQL Server, they can connect from any program that provides a driver for Access.
June 4, 2012 at 11:15 am
It's not that you don't protect it. In fact, you can protect it a lot more. It's just not a single file that you assign a password to like Access. Instead, it's a database on a server. You can make it completely invisible to users, but there are lots of steps involved.
"The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood"
- Theodore Roosevelt
Author of:
SQL Server Execution Plans
SQL Server Query Performance Tuning
June 4, 2012 at 8:01 pm
Thanks again guys for helping me out here...let mw get use to this server environment.
Regards
Pedie
Viewing 7 posts - 1 through 7 (of 7 total)
You must be logged in to reply to this topic. Login to reply
This website stores cookies on your computer.
These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.
To find out more about the cookies we use, see our Privacy Policy