ArticlesArticles Most Helpful ArticlesMost Helpful Articles Language SettingsLanguage Settings LoginLogin
RSS Feeds
DrillDown Icon Table of Contents
DrillDown Icon MX
DrillDown Icon MANUALS and Other Info for SQL MANEX Client Server
DrillDown Icon Hardware and Software Requirements for Installing SQL Server
DrillDown Icon List of Modules Converted to MANEX Client Server
DrillDown Icon Installing SQL Server
DrillDown Icon System Administrator
DrillDown Icon SQL Backup Options
DrillDown Icon Setup the OLE DB(ADO) for SQL Crystal Reports
DrillDown Icon APIs
DrillDown Icon Code that could be used to find Last Table Modified within SQL
DrillDown Icon Configure SQL Server 2008 R2 to allow Network Connections
DrillDown Icon How to detach and attached databases using the SQL Server Management Studio
DrillDown Icon Restore SQL DB from Backup
DrillDown Icon Setup a SQL Test/Sandbox Database
DrillDown Icon SQLManex Client Server Setup Instructions
DrillDown Icon Setup Folder Permissions to Write "ini" File
DrillDown Icon Setup the ODBC for SQL Crystal Reports
DrillDown Icon Setup a SQL Database Maintenance Plan
DrillDown Icon Setup Task Scheduler to Auto Run MRP
DrillDown Icon Selecting the Authentication Mode
DrillDown Icon Window 10 - Network Disconnect
DrillDown Icon Setup Work Stations
DrillDown Icon Security System
DrillDown Icon Accounting Setup
DrillDown Icon System Setup
DrillDown Icon Operations Manuals
DrillDown Icon System Utilities
DrillDown Icon SQL Server Memory Settings and Performance
DrillDown Icon Definitions
DrillDown Icon How to schedule and automate backups of SQL Server databases in SQL Server Express
DrillDown Icon SQL_FAQ's
DrillDown Icon Customer Relationship Management (CRM)
DrillDown Icon ManEx Minute
DrillDown Icon ManEx Component Exchange
DrillDown Icon ManEx Supplier Directory & Rankings
  Email This ArticlePrint PreviewPrint Current Article and All Sub-Articles
 
Selecting the Authentication Mode

During setup, you MUST select an authentication mode for the Database Engine. There are two possible modes: Windows Authentication mode and mixed mode. Windows Authentication mode enables Windows Authentication and disables SQL Server Authentication. Mixed mode enables both Windows Authentication and SQL Server Authentication. Windows Authentication is always available and cannot be disabled.
 
Note:  You MUST have the SQL Authentication method setup for the ManEx application and the SQL needs to have a login name for ManEx.   For that reason, the choice is less important.  Regardless of the method chosen, the user will still have to authenticate via the ManEx security screen.

Configuring the Authentication Mode


If you select Mixed Mode Authentication during setup, you must provide and then confirm a strong password for the built-in SQL Server system administrator account named sa. The sa account connects by using SQL Server Authentication.

If you select Windows Authentication during setup, Setup creates the sa account for SQL Server Authentication but it is disabled. If you later change to Mixed Mode Authentication and you want to use the sa account, you must enable the account. Any Windows or SQL Server account can be configured as a system administrator. Because the sa account is well known and often targeted by malicious users, do not enable the sa account unless your application requires it. Never set a blank or weak password for the sa account.  The link below is an article that will show users how to switch to mixed mode if they accidently set their server to only use Windows authentication.   http://www.sql-programmers.com/mixed-mode-authentication.aspx
 
 
 When a user connects through a Windows user account, SQL Server validates the account name and password using the Windows principal token in the operating system. This means that the user identity is confirmed by Windows. SQL Server does not ask for the password, and does not perform the identity validation. Windows Authentication is the default authentication mode, and is much more secure than SQL Server Authentication. Windows Authentication uses Kerberos security protocol, provides password policy enforcement with regard to complexity validation for strong passwords, provides support for account lockout, and supports password expiration. A connection made using Windows Authentication is sometimes called a trusted connection, because SQL Server trusts the credentials provided by Windows.
 
When using SQL Server Authentication, logins are created in SQL Server that are not based on Windows user accounts. Both the user name and the password are created by using SQL Server and stored in SQL Server. Users connecting using SQL Server Authentication must provide their credentials (login and password) every time that they connect. When using SQL Server Authentication, you must set strong passwords for all SQL Server accounts. 


 

Disadvantages of SQL Server Authentication

·        If a user is a Windows domain user who has a login and password for Windows, he must still provide another (SQL Server) login and password to connect. Keeping track of multiple names and passwords is difficult for many users. Having to provide SQL Server credentials every time that one connects to the database can be annoying.

·         SQL Server Authentication cannot use Kerberos security protocol.

·         Windows offers additional password policies that are not available for SQL Server logins.

Advantages of SQL Server Authentication

·         Allows SQL Server to support older applications and applications provided by third parties that require SQL Server Authentication.

·         Allows SQL Server to support environments with mixed operating systems, where all users are not authenticated by a Windows domain.

·         Allows users to connect from unknown or untrusted domains. For instance, an application where established customers connect with assigned SQL Server logins to receive the status of their orders.

·         Allows SQL Server to support Web-based applications where users create their own identities.

·         Allows software developers to distribute their applications by using a complex permission hierarchy based on known, preset SQL Server logins.

 
Article ID: 5390