08-13-10, 15:58 #1Registered User
- Join Date
- Sep 2001
- Chicago, Illinois, USA
Unanswered: Uniquely identifying who logged-in to the MSSQL Server via Citrix
Customer has a third-party HR/payroll/accounting program that uses MSSQL as it's backend.
Program has its own internal security and a successful login is recorded in one of its tables.
Customer wants to audit any changes made to certain critical tables and wants to tie the changes to the the third-party user login stored in that login table.
I have put a trigger on that login table to record in another table, whenever a new record is created, the third-party user login AND the net_address (IP address).
With subsequent changes to critical tables the customer wants to monitor, I can determine the IP address of the process and cross-reference, via that IP address, to the third-party user login I previously recorded.
Problem is, however, that the customer uses Citrix for offsite sessions. Each Citrix session accessing MSSQL Server reports the Citrix Server's IP address to MSSQL Server, not the originating client's IP address. In other words, there may be 10 people using a CITRIX server and all ten will have the same IP address, rendering my logic above useless.
A long-shot here, but has anyone ever dealt with Citrix communcations with MSSQL and uniquely identifying those connnections?Ken
Maverick Software Design
(847) 864-3600 x2
08-13-10, 17:36 #2Resident Curmudgeon
Provided Answers: 54
- Join Date
- Feb 2004
- In front of the computer
When the user logs into Citrix, they will have an AD Authenicated Login which should be unique (no two users ought to use the same AD Login). That can be accessed by SQL Server as Suser_Sname() for auditing purposes.
-PatPIn theory, theory and practice are identical. In practice, theory and practice are unrelated.