Results 1 to 6 of 6
  1. #1
    Join Date
    Aug 2003
    Posts
    4

    Question Unanswered: Can SQL Query Analizer be desactivated?

    Hi,

    I have a weird situation I hope you can help me. When SQL Query Analizer is opened it displays a Window asking if you want to connect using Windows Authentication Mode or SQL Server mode.

    Do you know if there is a way to desactivate the SQL Server mode, I mean that only the Windows Authentication Mode be enabled when Query Analizer is run.

    I don´t want users be able to connect with the SQL Query Analizer using a SQL Server password (there is a Sql user in the server and most of the developers know him), only by Windows Auth. Mode.

    - Please help -

    Thanks

  2. #2
    Join Date
    Jun 2003
    Location
    Ohio
    Posts
    12,592
    Provided Answers: 1
    Your problem is not with Query Analyzer. If you block that, you still have to worry about people making connections through MS Access, the OSQL command line utility, or other methods. If you are really concerned about this, you can change your server so that it only allows NT security connections. At the moment, your server is likely in "mixed security" mode.

    Regardless, you should be able to modify the SQL Server account for the user and either delete it or restrict it's access.

    blindman

  3. #3
    Join Date
    Aug 2003
    Posts
    4
    Thanks Blindman, I know my problem is with the SQL Server configuration. The main problem is that there is a client application that it uses a SQL Server user and it can be disabled without modifying the client, that's why the server is in Mixed mode, but I don't want Developers enter to the production environment with that user.

    It would be like a temp fix disabling the SQL Query Analizer, of course if there is a way.

  4. #4
    Join Date
    Jul 2003
    Location
    London
    Posts
    26
    Hi have a look at Application Security Roles this may be what you require.

  5. #5
    Join Date
    Jun 2003
    Location
    Ohio
    Posts
    12,592
    Provided Answers: 1
    You can't control database access through Query Analyzer. Consider that even if there is a Query Analyzer option that disabled SQL Server logins, you would have to enforce this on every copy of Query Analyzer and you'd have no way to prevent users from changing it back.

    Are you concerned about users modifying data through Query Analyzer, or just about them modifiying the database schema? Make sure the login does not have permission to modify the database schema (the application shouldn't require this in order to function), and then if you need data security then Application Security roles are the way to go.

    blindman

  6. #6
    Join Date
    Aug 2003
    Posts
    4
    Thanks for your comments. My concern is that developers modify data using the query analizer, it looks like Application Roles is the way to go but since the developers have the source code they would know the Application password to activate the role, well I think I could create a COM Object in the server to make the connection, so developers don't have access to the password of the role.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •