SQL Server Express login - Inappropriate to use sa user id with connection string in a VB.NET application??

I don't know what is appropriate or inappropriate when it comes to using a connection string inside VB.NET when multiple users connect to SQL Server.

I have an application that I have working properly with multiple users, however they are connecting using a user id I manually created.  I have several issues because of my inexperience with using SQL Server & VB.NET together.

1)  Is it inappropriate to login ALL remote users with ONE user id?
2)  If so, is there a posting I can refer to that explains how to set up logins in my SQL database programmatically through .NET as I create a login within my application?
3)  If not, is it inappropriate to use the 'sa' user id?

All words of wisdom are greatly appreciated.

Sincerely,
Phil Tate
TSFLLCAsked:
Who is Participating?
 
Éric MoreauConnect With a Mentor Senior .Net ConsultantCommented:
Hi TSFLLC,

1) Personally, I find it appropriate to use a single login to connect all the users of an application. I always create a login specific to an application so that I can manage the permissions required by this application. I wouldn't like to create login for each users and I don't want to trust domain users so that they could connect with just about any tools (like Access).

3) Never use sa in an application. sa has all the permissions to scrap your database.


Cheers!
0
 
TSFLLCAuthor Commented:
Eric,

I have searched, but not that dilligently I must admit, for some code that shows how I can programmatically create a login.  During my database setup routine I would login as sa to my instance just to attach my custom database and then create my single remote user login.

Can you post a link or code that shows how to do this appropriately with the necessary read/write rights?

Thanks much.
0
 
TSFLLCAuthor Commented:
Eric,

Ignore my request.  The explanations for CREATE LOGIN & CREATE USER inside SQL help appear to give me what I need.


Thank you for your promptness!

Phil Tate
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.