Page 92 - DCAP508_DATABASE_ADMINISTRATION
P. 92
Database Administration
Notes passwords, auditing, password expiration, minimum password length, and account lockout
after multiple invalid login requests.
Because Windows NT 4.0 and Windows 2000 users and groups are maintained only by Windows
NT 4.0 or Windows 2000, SQL Server reads information about a user’s membership in groups
when the user connects. If changes are made to the accessibility rights of a connected user, the
changes become effective the next time the user connects to an instance of SQL Server or logs on
to Windows NT 4.0 or Windows 2000 (depending on the type of change).
Notes Windows Authentication Mode is not available when an instance of SQL Server is
running on Windows 98 or Microsoft Windows Millennium Edition.
6.1.2 SQL Server Authentication
When a user connects with a specified login name and password from a nontrusted connection,
SQL Server performs the authentication itself by checking to see if a SQL Server login account
has been set up and if the specified password matches the one previously recorded. If SQL Server
does not have a login account set, authentication fails and the user receives an error message.
SQL Server Authentication is provided for backward compatibility because applications written
for SQL Server version 7.0 or earlier may require the use of SQL Server logins and passwords.
Additionally, SQL Server Authentication is required when an instance of SQL Server is running
on Windows 98 because Windows Authentication Mode is not supported on Windows 98.
Therefore, SQL Server uses Mixed Mode when running on Windows 98 (but supports only SQL
Server Authentication).
Figure 6.2: SQL Server Security Decision Tree
Even though Windows Authentication is recommended, SQL Server Authentication may be
required for connections with clients other than Windows NT 4.0 and Windows 2000 clients; it
may also be necessary for legacy applications.
86 LOVELY PROFESSIONAL UNIVERSITY
