July 15, 2003 at 7:05 am
Hello world,
We develop applications with PowerBuilder version 7.03 and the Database is MS SQL7 or SQL 2000.
I need to modify these applications. At this time, we start the application by inputting 'User' and 'Password'.
the User has a corresponding login in SQL sysxlogins.
The goal is to occur starting the application when clicking directly on the application icon without entering
'User' and 'Password' but using the Windows authentication from Primary Domain Controller.
The 'SQLServer Security settings' could be either 'Windows Authentication' or 'SQLServer and Windows Authentication'.
If the setting is 'Windows Authentication', I don't know, we could used a stored proc that will read Registry to know the
local Mode from the server and checked user/password if it is OK.
If not, after 3 times disable the user.
If the setting is 'SQLServer and Windows Authentication', ask the user to enter 'UserID' and 'Password'.
If after 3 times he entered a wrong password, disable this user and show him a message that his 'login failed'.
If someone has developed this kind of applic. or has some advices to provide me.
any help will be appreciated.
July 15, 2003 at 3:32 pm
All you have to is change your connection string to use NT authentication. No reason to worry with a sql login/password. Downside is that you're authorized db access to NT logins regardless of the application being used, which could include MS Query or VBScript.
Andy
July 16, 2003 at 12:39 am
Andy thanks for your quick reply.
One question, when your mention : 'change your connection string to use NT authentication'
does it mean that the change is in SQL SERver security ( windows authentication) ?
July 17, 2003 at 9:17 am
Missing a point, When you double click on the application icon on the desktop, it should open the application and connect to the server with out entering the user/pwd, meaning you must get the windows login of which the user used to get in to the domain, for this you need to use a generic login to connect to the server regardless who’s loging and get the NT id of the user used to get into the domain and check whether the user has permissions or not. Am I going wrong direction? 🙂
Shas3
July 18, 2003 at 12:18 am
Shas3, you're right. there is that I am thinking. We need a blind login to have the right to connect to the database. But question now is : how can I kown how to get the Windows user name ?
the name is on the registry but is the path at this place ?
HKCU\Software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-AACF-AAFA-00AA00B6015C} ?
We do not forget our clients could be either WIN NT, WIN 2000, WIN XP.
IF the client decides to stay in SQL Mixed mode, means that the customer could connect either in Win authentication (without asking him the signon screen) or Sql authentication(asking him signon screen).
Others questions : We manage users(by creating logins) that work with our application by one other application that give some rights to each user.
How can we create WIndows authentication login like in Enterprise Manager that propose which domain, which user
to choose. Is there a Windows DLL to show this kind of information or something else ?
thanks for your answer.
July 18, 2003 at 12:58 am
Hi freewarefw
quote:
Shas3, you're right. there is that I am thinking. We need a blind login to have the right to connect to the database. But question now is : how can I kown how to get the Windows user name ?
there is an API function to retrieve the name of the current user.
BOOLEAN GetUserNameEx(
EXTENDED_NAME_FORMAT NameFormat, // name format
LPTSTR lpNameBuffer, // name buffer
PULONG nSize // size of name buffer
);
(Sorry, don't know what this will look loke in Powerbuilder)
Note, according to MSDN this is unsupported in Win 95, 98, ME.
quote:
How can we create WIndows authentication login like in Enterprise Manager that propose which domain, which userto choose. Is there a Windows DLL to show this kind of information or something else ?
Maybe you can utilize mpr.dll.
If I remember right, it is 'the' network DLL for windows.
Cheers,
Frank
--
Frank Kalis
Microsoft SQL Server MVP
Webmaster: http://www.insidesql.org/blogs
My blog: http://www.insidesql.org/blogs/frankkalis/[/url]
July 23, 2003 at 4:00 pm
If the connection is set for NT Security the database will use trusted connections to automatically (read with absolutely NO development required) log the user in to the database. When a user logs into their Windows computer on the network the system will kerbios to pass that information along to SQL Server for authentication. You set the database for either NT authentication, or mixed mode authentication using the Enterprise Manager. If you set it to mixed mode users will be able to user either types of authentication.
Viewing 7 posts - 1 through 7 (of 7 total)
You must be logged in to reply to this topic. Login to reply