Solved

SQL 2008 authentication: safe to change from Windows to mixed mode?

Posted on 2013-01-14
Last Modified: 2013-01-14
I have been asked to use an existing SQL 2008 server for a new database for a new client-server app. Currently, SQL authentication on this SQL server is Windows and it is being used for a production line-of-business app. However, the new app requires mixed mode authentication. I know how to change from Windows to mixed authentication. However, is it safe to do this? Are there likely to be any implications for the original app?
0
Question by:askrabbit
6 Comments
 
LVL 142

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 500 total points
ID: 38774008
There are no implications for the original app.
The implication is only security for the database, as all the non-Windows logins will be able to be used.
You may consider installing a dedicated instance for this app, if it's a small one ...
0
 
LVL 2

Author Comment

by:askrabbit
ID: 38774063
Is it possible to create an sa-type SQL login which only has superuser rights on the new database? Would this be easier than giving the implementation team for the new app the sa credentials?
0
 
LVL 142

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 38774070
Logins with sa power (sysadmin server role) have permissions on all databases.
You can create a normal login with no special server roles and make it db_owner (full power) on that database; the login will not be able to do anything on the other databases.
0
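The setup described in the comment above, as an added T-SQL example that is not part of the original thread: a SQL login with no server roles that is db_owner on a single database, plus checks of the authentication mode and of the SQL logins that mixed mode makes usable. The names `NewAppDb` and `newapp_owner` and the password placeholder are assumptions; `sp_addrolemember` is used because `ALTER ROLE ... ADD MEMBER` is not available on SQL Server 2008.

```sql
-- Added example. Hypothetical names: NewAppDb (the new app's database, assumed
-- to exist already) and newapp_owner (the login for the implementation team).

-- 1. Check the authentication mode: 1 = Windows only, 0 = mixed mode.
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;

-- 2. Review the SQL logins that become usable once mixed mode is on
--    (including sa), and whether password policy is enforced for each.
SELECT name, is_disabled, is_policy_checked, is_expiration_checked
FROM sys.sql_logins
ORDER BY name;

-- 3. Create a normal login: no server roles are granted here.
USE master;
CREATE LOGIN newapp_owner
    WITH PASSWORD = '<replace-with-strong-password>',  -- placeholder
         DEFAULT_DATABASE = NewAppDb,
         CHECK_POLICY = ON;   -- apply the Windows password policy
GO

-- 4. Map the login into the one database and make it db_owner there.
USE NewAppDb;
CREATE USER newapp_owner FOR LOGIN newapp_owner;
EXEC sp_addrolemember N'db_owner', N'newapp_owner';
GO

-- 5. Verify: this should return no rows, meaning the login holds no
--    fixed server role such as sysadmin.
SELECT r.name AS server_role
FROM sys.server_role_members AS m
JOIN sys.server_principals AS r ON r.principal_id = m.role_principal_id
JOIN sys.server_principals AS l ON l.principal_id = m.member_principal_id
WHERE l.name = N'newapp_owner';
```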
 
LVL 2

Author Comment

by:askrabbit
ID: 38774089
Re normal login with no special server roles, making it db_owner - OK.

Re "all the non-windows logins will be able to be used" - if the new app implementation team had neither the sa credentials nor a Windows account with admin rights over SQL, would this be an issue?
0
 
LVL 142

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 38774199
No.
0
 
LVL 2

Author Closing Comment

by:askrabbit
ID: 38774224
Thanks for your speedy responses!
0
