
1 Chapter Overview
- Understanding the Authentication Process
- Understanding the Authorization Process
- Creating and Managing Logins

2 Authentication Process

3 Authentication Method Security Issues
- Unencrypted user names and passwords on the wire
- Password policies
- Lockout policies

4 Net-Library Issues
- The client and Microsoft SQL Server must support a matching set of Net-Libraries.
- Default client Net-Libraries are TCP/IP Sockets and Named Pipes, and connections are attempted in that order.
- Use the Client Network Utility to modify client Net-Libraries.
- Only Named Pipes and Multiprotocol Net-Libraries require an existing authenticated connection.

5 SQL Server Authentication Modes

6 Security Account Delegation
- SQL Server can impersonate an authenticated user to access resources outside of SQL Server.
- All participating servers must be running Windows 2000 and have security account delegation enabled.
- The SQL Server service account must be trusted for delegation.
- The user requesting delegation must be trusted for delegation.
- The SQL Server instance must have a Service Principal Name (SPN).

7 Server Roles Grant Server-Wide Permissions
- sysadmin
- serveradmin
- setupadmin
- securityadmin
- processadmin
- dbcreator
- diskadmin
- bulkadmin

8 Database-Specific Permissions
- Database owner
- DBO role
- User
- Guest user
- Public role
- Fixed database role
- User-defined database role
- Statement permissions
- Object permissions
- Application role

9 Fixed Database Roles
- db_owner
- db_accessadmin
- db_securityadmin
- db_ddladmin
- db_backupoperator
- db_datareader
- db_datawriter
- db_denydatawriter
- db_denydatareader

10 Login Accounts Using Create Login Wizard
- Specify the authentication type for the login.
- You can grant or deny SQL Server access to a Windows user or group.
- Define a server role, if any.
- Specify the databases to which the login will be a permitted user.

11 Login Accounts Using Enterprise Manager Directly

12 User-Defined Database Roles
- Create the user-defined database role within a specific database.
- Add users within the database to that role.
- A user-defined database role has no permissions assigned to it automatically.

13 Windows Login Accounts Using Transact-SQL
- sp_grantlogin 'login'
- sp_revokelogin 'login'
- sp_denylogin 'login'
- sp_defaultdb 'login', 'database'
- sp_defaultlanguage 'login', 'language'

14 SQL Server Login Accounts Using Transact-SQL
- sp_addlogin 'login', ['password', 'database', 'language', 'sid', 'encryption_option']
- sp_droplogin 'login'
- sp_password 'old_password', 'new_password', 'login'
- sp_defaultdb 'login', 'database'
- sp_defaultlanguage 'login', 'language'

15 Server Roles and Database Access Using Transact-SQL
- sp_addsrvrolemember 'login', 'role'
- sp_dropsrvrolemember 'login', 'role'
- sp_grantdbaccess 'login', 'name_in_db'
- sp_revokedbaccess 'name'

16 Database Roles Using Transact-SQL
- sp_changedbowner 'login', 'remap_alias_flag'
- sp_addrolemember 'role', 'security_account'
- sp_droprolemember 'role', 'security_account'
- sp_addrole 'role', 'owner'
- sp_droprole 'role'

17 Viewing Access Information Using Enterprise Manager
- View on a user-by-user basis in the Logins container within the Security container.
- View server role membership in the Server Roles container within the Security container.
- View database access on a per-user basis in the Users container in each database.
- View database role membership in the Roles container in each database.

18 Viewing Access Information Using Transact-SQL
- sp_helplogins ['login']
- sp_helpsrvrolemember ['role']
- sp_helpuser ['security_account']
- sp_helprolemember ['role']
- sp_helpntgroup ['name']
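
The Transact-SQL procedures from slides 13 to 18 combined into one least-privilege provisioning run, as an added example that is not part of the original presentation. The database, table, login, role and domain names are hypothetical, and the password is a placeholder to replace before use.

```sql
-- Added example; all object names below are hypothetical.
-- Run as a member of sysadmin on a test instance.
CREATE DATABASE SalesDemo
GO
USE SalesDemo
GO
CREATE TABLE dbo.Orders (OrderID int PRIMARY KEY, Amount money)
GO

-- 1. Authentication: create a SQL Server login (requires Mixed Mode)
--    with SalesDemo as its default database. Placeholder password.
EXEC sp_addlogin 'report_reader', '<REPLACE_WITH_STRONG_PASSWORD>', 'SalesDemo'
-- For a Windows user or group the equivalent is sp_grantlogin:
-- EXEC sp_grantlogin 'EXAMPLEDOMAIN\SalesAnalysts'
GO

-- 2. Authorization: map the login to a user in this database only.
EXEC sp_grantdbaccess 'report_reader', 'report_reader'
GO

-- 3. Create a user-defined database role. It has no permissions
--    assigned automatically, so membership alone grants nothing.
EXEC sp_addrole 'report_readers'
GO

-- 4. Grant the single object permission the role needs.
GRANT SELECT ON dbo.Orders TO report_readers
GO

-- 5. Add the user to the role instead of granting to the user directly.
EXEC sp_addrolemember 'report_readers', 'report_reader'
GO

-- 6. Review the result from both the user side and the role side.
EXEC sp_helplogins 'report_reader'        -- login and its database mappings
EXEC sp_helpuser 'report_reader'          -- database user and its role
EXEC sp_helprolemember 'report_readers'   -- members of the database role
EXEC sp_helpsrvrolemember 'sysadmin'      -- the new login should not be listed
GO
```

The login ends up with no server role and exactly one object permission, held through the role, so revoking access later is a single sp_droprolemember call.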

19 Chapter Summary
- Authentication is required for access, and authorization is required to perform specific actions.
- SQL Server supports Windows and SQL Server authentication.
- SQL Server can run in Windows Authentication Mode or Mixed Mode.
- Server roles grant server-wide administration rights, and database roles grant database-specific rights.
- View access information on a user basis or a role basis.

