Solved

SQL Server Express login - Inappropriate to use sa user id with connection string in a VB.NET application??

Posted on 2006-10-25
3
248 Views
Last Modified: 2010-04-23
I don't know what is appropriate or inappropriate when it comes to using a connection string inside VB.NET when multiple users connect to SQL Server.

I have an application that I have working properly with multiple users, however they are connecting using a user id I manually created.  I have several issues because of my inexperience with using SQL Server & VB.NET together.

1)  Is it inappropriate to login ALL remote users with ONE user id?
2)  If so, is there a posting I can refer to that explains how to set up logins in my SQL database programmatically through .NET as I create a login within my application?
3)  If not, is it inappropriate to use the 'sa' user id?

All words of wisdom are greatly appreciated.

Sincerely,
Phil Tate
0
Comment
Question by:TSFLLC
  • 2
3 Comments
 
LVL 69

Accepted Solution

by:
Éric Moreau earned 500 total points
ID: 17805652
Hi TSFLLC,

1) Personally, I find it appropriate to use a single login to connect all the users of an application. I always create a login specific to an application so that I can manage the permissions required by this application. I wouldn't like to create login for each users and I don't want to trust domain users so that they could connect with just about any tools (like Access).

3) Never use sa in an application. sa has all the permissions to scrap your database.


Cheers!
0
 

Author Comment

by:TSFLLC
ID: 17805707
Eric,

I have searched, but not that dilligently I must admit, for some code that shows how I can programmatically create a login.  During my database setup routine I would login as sa to my instance just to attach my custom database and then create my single remote user login.

Can you post a link or code that shows how to do this appropriately with the necessary read/write rights?

Thanks much.
0
 

Author Comment

by:TSFLLC
ID: 17805778
Eric,

Ignore my request.  The explanations for CREATE LOGIN & CREATE USER inside SQL help appear to give me what I need.


Thank you for your promptness!

Phil Tate
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

This article explains how to create and use a custom WaterMark textbox class.  The custom WaterMark textbox class allows you to set the WaterMark Background Color and WaterMark text at design time.   IMAGE OF WATERMARKS STEPS Create VB …
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
This video discusses moving either the default database or any database to a new volume.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now