Solved

SQL 2008 authentication: safe to change from Windows to mixed mode ?

Posted on 2013-01-14
6
541 Views
Last Modified: 2013-01-14
I have been asked to use an existing SQL 2008 server for a new database for a new client-server app. Currently, SQL authentication on this SQL server is Windows and it is being used for a production line-of-business app. However, the new app requires mixed mode authentication. I know how to change from Windows to mixed authentication. However, is it safe to do this? Are there likely to be any implications for the original app?
0
Comment
Question by:askrabbit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 143

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 500 total points
ID: 38774008
there is no implications for the original app.
the implication is only security for the database, as all the non-windows logins will be able to be used.
you may consider installing a dedicated instance for this app, if it's a small one ...
0
 
LVL 2

Author Comment

by:askrabbit
ID: 38774063
Is it possible to create an sa-type SQL login which only has superuser rights on the new database? Would this be easier than giving the implementation team for the new app the sa credentials?
0
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 38774070
logins with sa power (sysadmin server role) have permissions on all databases.
you can create a normal login with no special server roles and make it db_owner (full power) on that database, the login will not be able to do anything on the other databases.
0
Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

 
LVL 2

Author Comment

by:askrabbit
ID: 38774089
Re normal login with no special server roles, making it db_owner - OK.

Re "all the non-windows logins will be able to be used" - if the new app implementation team had neither the sa credentials nor a Windows account with admin rights over SQL, would this be an issue?
0
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 38774199
no
0
 
LVL 2

Author Closing Comment

by:askrabbit
ID: 38774224
Thanks for your speedy responses!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question