Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Linux to SQL Server, authentication

Posted on 2011-09-14
8
Medium Priority
?
355 Views
Last Modified: 2012-05-12
http://www.easysoft.com/products/data_access/odbc-sql-server-driver/whats-new.html

>>>SQL Server 2008 Security The SQL Server ODBC driver’s Windows authentication support means that using the driver to integrate Linux/Unix with SQL Server 2008 will not compromise security best practices defined and enforced by SQL Server 2008’s Policy-Based Management. Because the SQL Server ODBC driver lets you access SQL Server from Linux/Unix by using this best practice login mode, SQL Server authentication support is not a prerequisite for our driver. Your SQL Server instance does not therefore have to vulnerable to attacks associated with this legacy authentication mode.

Does this mean that we can authenticate Linux to SQL, windows authentication?  If not, is anyone aware of a workaround, that will allow me to do so?

0
Comment
Question by:dbaSQL
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 51

Expert Comment

by:Steve Bink
ID: 36540502
Windows authentication in MSSQL uses the underlying OS authentication.  Linux does not have that, AFAIK.  You might be able to pass credentials in your connection for SQL Server to check against its parent Windows catalog, though.
0
 
LVL 17

Author Comment

by:dbaSQL
ID: 36542227
>>You might be able to pass credentials in your connection for SQL Server to check against its parent Windows catalog, though.
Can you elaborate, routinet?  Maybe give me an example, or point me to another reference?
0
 
LVL 51

Accepted Solution

by:
Steve Bink earned 2000 total points
ID: 36545128
I'm saying pass your credentials as a Windows credential, i.e., domain\user.  I'm not saying it will work...just that it might.  :)

With Windows authentication, SQL Server does not actually handle the authentication part.  It passes it off to the Windows sub-system and relies on its response.  Depending on your environment, that sub-system could be the local catalog of users, or maybe an Active Directory controller on your domain.  Your problem is not authenticating with SQL Server, but authenticating with the OS it is running on.

SQL Server has an SQL authentication mode for a reason - not every computer in the world uses Windows.  Microsoft's recommended practices are great in a homogenous environment, but do not really translate well once you introduce other OS platforms.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 17

Author Comment

by:dbaSQL
ID: 36545143
aaaah.... i see what you're saying.  pretty much what I had feared.... no magic linux to sql pill out there yet.
that sucks


thank you routinet.
0
 
LVL 51

Expert Comment

by:Steve Bink
ID: 36545162
I've seen some material saying you can duplicate this by using Kerberos (which makes sense, I suppose), but that is well outside my skill set.  Good luck!
0
 
LVL 17

Author Comment

by:dbaSQL
ID: 36545275
definitely need all the luck i can get on this one.... i am tasked to redesign the entire data model, to include, of course, the application layer security.  98% of which is non-windows, and currently coming in without any restriction at all.  :-(

I'll get there.  
thanks again, routinet
0
 
LVL 51

Expert Comment

by:Steve Bink
ID: 36545380
Keep in mind that SQL mode is not necessarily a bad thing.  It just means that proper care needs to be taken when managing the credentials.  With Windows authentication, that is all handled at the OS level, which means network administrators familiar with policy get to deal with it.  A DBA may or may not be in a position to know or implement those policies.  With SQL mode, they must be.  It does not have to be less secure than using Windows authentication.
0
 
LVL 17

Author Comment

by:dbaSQL
ID: 36545468
Understood.  I am very fond of the windows mode, for the auditability, and control.  i commonly go the sql mode for the application layer... i was just wondering if there were any changes out there, that maybe i hadn't heard of yet.
0

Featured Post

Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever needed a SQL 2008 Database replicated/mirrored/log shipped on another server but you can't take the downtime inflicted by initial snapshot or disconnect while T-logs are restored or mirror applied? You can use SQL Server Initialize from Backup…
Ever wondered why sometimes your SQL Server is slow or unresponsive with connections spiking up but by the time you go in, all is well? The following article will show you how to install and configure a SQL job that will send you email alerts includ…
Using examples as well as descriptions, and references to Books Online, show the documentation available for date manipulation functions and by using a select few of these functions, show how date based data can be manipulated with these functions.
Via a live example, show how to shrink a transaction log file down to a reasonable size.

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question