Create a Universal User for SQL2005 express

I have a VB6 app that connects to SQL2005 express through a network. Right now I have to take all of the users and add them to the SQLSERVER2005SQLUser, SQLSERVER2005SQLBrowserUser on the Server. Then add them to the Logins on the DB and give them permissions on the SQLExpress/permissions. Every time I have a new person come on board I have to get their login ID and go through the process again. Corporate now wants me to install this program throughout the company.... thousands of users.

My question is... can I create a universal user and add that user and password to my connection string in the VB app? (similar to 'sa', 'password') Right now SQLExpress is using windows authentication. Would I then need to switch it to SQL Server Authentication?
md0333Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

microboltCommented:
Yep, change it to mixed mode.  This will allow windows logons and SQL authentication.  Then create an logon for your database.  I would not recommend using SA as it is not an very secure practice.  Create another user just for this database.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Guy Hengel [angelIII / a3]Billing EngineerCommented:
create a domain GROUP in windows active directory.
then, create in your sql the login based on that group.
grant that group the permissions.

make all the existing users members of that group in AD.
make all new users members of that group in AD.

remove all existing users from the sql server security that only had that profile.
0
md0333Author Commented:
OK... Changed SQLExpress to mixed mode... created a new User on the Server. I then went to my database/Security/Users and tried to add that user but it would not. How do I create a logon for the DB? I must be doing it incorrectly...
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

microboltCommented:
Need to make the user first under "Security -> Logins"
0
microboltCommented:
Here is an screenshot of where it is in SQL Management Studio
Screenshot.jpg
0
md0333Author Commented:
OK... Got the user created. Added that user to my Database. User I created is SDS... DB name is SDS also. Changed my connection string to look like this:
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''
   Dim sDB As String
   
    sDB = "SDS"
    gsServerName = "ACJTS01\SQLEXPRESS"
   
    ' Specify the OLE DB provider.
    cn.Provider = "sqloledb"
   
    ' Set SQLOLEDB connection properties.
    cn.Properties("User ID").Value = "SDS"
    cn.Properties("Password").Value = "password"
    cn.Properties("Initial Catalog").Value = sDB    
   
    ' Windows NT authentication.
    cn.Properties("Integrated Security").Value = "SSPI"
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

Now when I try to login I get this error.

Run-time error '-2147467259 (80004005)':
[DBNETLIB][ConnectionOpen(Connect()).]SQL Server does not exist or access denied.

What am I missing?
0
dqmqCommented:
If you establish a common login for all users, then you need to invent your own mechanism for distinguishing one from the other (think audit trail) and everyone will have the same permissions.  Not always the best arrangement.

Often it's better to use Windows authentication as Angel suggests, and manage the database security at the group level.  In it's simplest form, you can create a single Windows group  and manage database permissions to that group.  Then membership in that group entitles one to the associated permissions.

Slightly more work that a singular login, but well worth it when corporate comes along with their next request.
0
microboltCommented:
try commenting out this line:

cn.Properties("Integrated Security").Value = "SSPI"
0
dqmqCommented:
The following is wrong when using SQL Authentication.    

cn.Properties("Integrated Security").Value = "SSPI"

change to:

cn.Properties("Integrated Security").Value = False
0
md0333Author Commented:
microbolt - I tried it with and without that line of code.... same issue.

angel and dqmq - my problem is that "corporate" is different domains all over the US. I will not have access to these domains or servers other than installation time. They don't all necessarily have IT guys so I'm trying to simplify this as much as possible. If I'm understanding what you are saying correctly, they would still have to have someone add any new employees to this group you are suggesting I create. I'm trying to think of this implementation as.... load software, DB, create universal user account and be done. I can update the software with a new .exe file but won't have to worry about new employees as long as the software is on their computer. The data is not sensitive...
0
md0333Author Commented:
ok... tried changing the code to

cn.Properties("Integrated Security").Value = False

got a different error:

Multiple-step OLE DB operation generated errors. Check each OLE DB status value, if available. No work was done.

???
0
microboltCommented:
Try changing:

    cn.Properties("User ID").Value = "SDS"
    cn.Properties("Password").Value = "password"
    cn.Properties("Initial Catalog").Value = sDB
to

    cn.Properties("uid").Value = "SDS"
    cn.Properties("pwd").Value = "password"
    cn.Properties("Database").Value = sDB
0
md0333Author Commented:
micobolt - no joy

VB does not recognize those... "Cannot be found in the collection corresponding to the requested name or ordinal"
0
microboltCommented:
Never actually saw you put the data source in.  Is it somewhere else in your code:

cn.Properties("Data Source").Value =  gsServerName;

And your right the "user id" and "password" are the correct fields.  You should be able to just comment out the "Integrated Security" and it work.
0
md0333Author Commented:
looks like we are getting closer... I added the Data Source line of code (had it commented out... idiot) and now I'm getting another error when I try to load the program but it has to do with the PRODUCT table in my db.

The SELECT permission was denied on the object 'PRODUCT', database 'SDS', schema 'dbo'.

0
microboltCommented:
Did you give your user proper permission in SQL management studio?  If you want full access it needs db_owner privilege.
0
md0333Author Commented:
I got it... I had to go into the DB and give the SDS user db_datareader and db_datawriter Schema and Role...

Now, program seems to work fine... any other things I should add to this user?
0
md0333Author Commented:
OK... gave it db_owner.  Thanks microbolt!!! Awarding points now!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft SQL Server 2005

From novice to tech pro — start learning today.