Windows 2000 Permission

[YL5956]

Hi,

I'm creating permissions for users that needs to connect to a SQL Database using a ODBC connection. I'm can't seem to grant them authority to connect to the ODBC data source unless I add them to the administrator role. Is there another role that would allow them to connect? I don't want them to be admins on the server but they do need authority to connect to the datasource. Thanks.

 

[globalstrata]

SQL has its own permissions, groups and users. The place to go depends on the version that you may have. Also, the permissions are controlled from each database, table, etc. Your best bet is to ask this question at the Microsoft: SQL Server group.
Gladys Rodriguez
GlobalStrata Solutions

http://www.globalstrata.com

 

[YL5956]

I created a SQL Server ID on the Database but for some reason before the external users are able to connect to SQL Server they get a permission error. It seems like the OS is trying to validate their authorities on the Server first before they are passed through to SQL Server. The only way I got around this was to add them to the Administrator group on the Server itself. After that was done they were able to connect. I tried adding them to the users and Power Users groups first but they still get the same authority error. I don't want them to have admin rights to the server just connection to the data source. Anyone run into this? How do I resolve this? Thanks.

 

[lefty78]

The only file access security that needs to be set on the Windows 2000 side is for a possible file, or set of files that SQL is writing to or accessing from due to an operation performed by a certain user. Beyond that , there is no need for user security settings on windows end.

Within SQL you need to set a "ROLE" for standard access and set the permisions through this role for the access to the tables and executables the users need to function. After the role has been administered and tested, then you can add users to it. The heirarchy of SQL is alot like Active Directory for 2000 Server. The 'roles' compare to 'organizational units' and users are users. If you know that all of the information your users need and retreive by accessing your SQL server, then you know that they need no different windows security settings.

There are also other settings that you can set withing SQL that will use SQL authentication or Windows Authentication....using windows for authentication will reduce the adminsitration over the whole project, but it may cause system risks and vulnerabilities if you have a system that gives serious reason for intrusion and your window password requirements are too loose

 

[YL5956]

Hi,

I did setup a role in SQL Server and grant DB_Owner to the role. I removed all external users accounts from Windows 2000. I'm testing the ODBC by using the SQL Login ID for authentication. When I try to connect it is still giving me a SQLCode '1835' and SQLState '08001'. I'm trying to connect across to another domain so could this might be a trust issues. If is could be how would I resolve that? No very familiar with Windows 2000 and Active Directory. Any help is greatly appreciated. Thanks.

 

[lefty78]

http://www.microsoft.com/technet/tr...rodtechnol/sql/maintain/security/sql2ksec.asp

the above is an all-around-all-you-need-to-know article from the M$ technet

 

[lefty78]

http://www.microsoft.com/technet/tr...rodtechnol/sql/maintain/security/sql2ksec.asp

the above is an all-around-all-you-need-to-know article from the M$ technet

 

[UTTech]

I am running Windows 2000 Small Business Server. Is there any way to protect a file, even from an administrator? I heard you can do that with Active Directory but I am not familiar with that yet.