Solved

SQL Server Express login - Inappropriate to use sa user id with connection string in a VB.NET application??

Posted on 2006-10-25
3
255 Views
Last Modified: 2010-04-23
I don't know what is appropriate or inappropriate when it comes to using a connection string inside VB.NET when multiple users connect to SQL Server.

I have an application that I have working properly with multiple users, however they are connecting using a user id I manually created.  I have several issues because of my inexperience with using SQL Server & VB.NET together.

1)  Is it inappropriate to login ALL remote users with ONE user id?
2)  If so, is there a posting I can refer to that explains how to set up logins in my SQL database programmatically through .NET as I create a login within my application?
3)  If not, is it inappropriate to use the 'sa' user id?

All words of wisdom are greatly appreciated.

Sincerely,
Phil Tate
0
Comment
Question by:TSFLLC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 70

Accepted Solution

by:
Éric Moreau earned 500 total points
ID: 17805652
Hi TSFLLC,

1) Personally, I find it appropriate to use a single login to connect all the users of an application. I always create a login specific to an application so that I can manage the permissions required by this application. I wouldn't like to create login for each users and I don't want to trust domain users so that they could connect with just about any tools (like Access).

3) Never use sa in an application. sa has all the permissions to scrap your database.


Cheers!
0
 

Author Comment

by:TSFLLC
ID: 17805707
Eric,

I have searched, but not that dilligently I must admit, for some code that shows how I can programmatically create a login.  During my database setup routine I would login as sa to my instance just to attach my custom database and then create my single remote user login.

Can you post a link or code that shows how to do this appropriately with the necessary read/write rights?

Thanks much.
0
 

Author Comment

by:TSFLLC
ID: 17805778
Eric,

Ignore my request.  The explanations for CREATE LOGIN & CREATE USER inside SQL help appear to give me what I need.


Thank you for your promptness!

Phil Tate
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I think the Typed DataTable and Typed DataSet are very good options when working with data, but I don't like auto-generated code. First, I create an Abstract Class for my DataTables Common Code.  This class Inherits from DataTable. Also, it can …
The ECB site provides FX rates for major currencies since its inception in 1999 in the form of an XML feed. The files have the following format (reducted for brevity) (CODE) There are three files available HERE (http://www.ecb.europa.eu/stats/exch…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question