Solved

SQL Server Express login - Inappropriate to use sa user id with connection string in a VB.NET application??

Posted on 2006-10-25
3
249 Views
Last Modified: 2010-04-23
I don't know what is appropriate or inappropriate when it comes to using a connection string inside VB.NET when multiple users connect to SQL Server.

I have an application that I have working properly with multiple users, however they are connecting using a user id I manually created.  I have several issues because of my inexperience with using SQL Server & VB.NET together.

1)  Is it inappropriate to login ALL remote users with ONE user id?
2)  If so, is there a posting I can refer to that explains how to set up logins in my SQL database programmatically through .NET as I create a login within my application?
3)  If not, is it inappropriate to use the 'sa' user id?

All words of wisdom are greatly appreciated.

Sincerely,
Phil Tate
0
Comment
Question by:TSFLLC
  • 2
3 Comments
 
LVL 69

Accepted Solution

by:
Éric Moreau earned 500 total points
ID: 17805652
Hi TSFLLC,

1) Personally, I find it appropriate to use a single login to connect all the users of an application. I always create a login specific to an application so that I can manage the permissions required by this application. I wouldn't like to create login for each users and I don't want to trust domain users so that they could connect with just about any tools (like Access).

3) Never use sa in an application. sa has all the permissions to scrap your database.


Cheers!
0
 

Author Comment

by:TSFLLC
ID: 17805707
Eric,

I have searched, but not that dilligently I must admit, for some code that shows how I can programmatically create a login.  During my database setup routine I would login as sa to my instance just to attach my custom database and then create my single remote user login.

Can you post a link or code that shows how to do this appropriately with the necessary read/write rights?

Thanks much.
0
 

Author Comment

by:TSFLLC
ID: 17805778
Eric,

Ignore my request.  The explanations for CREATE LOGIN & CREATE USER inside SQL help appear to give me what I need.


Thank you for your promptness!

Phil Tate
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Encryption Decryption in Oracle 12 108
Clone Visual studio 2013 solution 5 25
Format column on datatable 7 29
VS.net 2010 11 26
I think the Typed DataTable and Typed DataSet are very good options when working with data, but I don't like auto-generated code. First, I create an Abstract Class for my DataTables Common Code.  This class Inherits from DataTable. Also, it can …
If you're writing a .NET application to connect to an Access .mdb database and use pre-existing queries that require parameters, you've come to the right place! Let's say the pre-existing query(qryCust) in Access takes a Date as a parameter and l…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now