mhamer
asked on
SQL Mixed mode or Windows auth
what is currnet thinking on this nowadays?
I have a team of SQL bods saying mixed moded is best and a team of infrastructure bods saying Windows auth is best, MS have white papers favouring both arguments depending on time of year:-)
we are currently SQL 2000 moving to 2005,
is it a case that both have merits and demerits depending on how you implement or is one really the best option to go with, thoughts please
I have a team of SQL bods saying mixed moded is best and a team of infrastructure bods saying Windows auth is best, MS have white papers favouring both arguments depending on time of year:-)
we are currently SQL 2000 moving to 2005,
is it a case that both have merits and demerits depending on how you implement or is one really the best option to go with, thoughts please
windows authentication is not always good, there are some legacy apps which doesnt work with windows auth mode, I would always recommend mixed mode where you can use sa username to logon and work with SQL .
ASKER
ah, I get that, nbut we are decdiding what to do for the future a "road map" of sorts
does anyone disagree that windows Auth is more secure. we do have legacy apps that mean we cant make the change all at once but is it sensibl eto say anything new and that is able to becomes windows auth only.
does anyone disagree that windows Auth is more secure. we do have legacy apps that mean we cant make the change all at once but is it sensibl eto say anything new and that is able to becomes windows auth only.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I agree w/ drequinox.
Windows Auth mode is more secure, and you should use it if at all possible.
If your system is a client/server solution, where the client must have direct access the server's database (I guess this is not the case) which is on the WAN, you'll need to use mixed mode.
If the client doesn't have direct access to the database, but has to go through your business objects, Windows auth would be better.
If your system is a client/server solution, where the client must have direct access the server's database (I guess this is not the case) which is on the WAN, you'll need to use mixed mode.
If the client doesn't have direct access to the database, but has to go through your business objects, Windows auth would be better.
Since MSSQL 7.0, I certainly prefer Mixed Mode because of some really old apps stopping moving completlely to Windows Auth.
Also I found out that some SharePoint Functionality (WebParts) we are using, do not work very well with Windows Auth (MSSQL 2005 Environment and MOSS 2007), so we had to use Mixed Mode to use Windows Auth. whenever possible and SQL Auth. for the rest... ;-)
Jerry
Also I found out that some SharePoint Functionality (WebParts) we are using, do not work very well with Windows Auth (MSSQL 2005 Environment and MOSS 2007), so we had to use Mixed Mode to use Windows Auth. whenever possible and SQL Auth. for the rest... ;-)
Jerry