wd
 |
| 09/12/2002 4:18 PM |
 Quote
 Reply
 Alert
|
| we need to set up a sql server and allow only a few users access to a database. the front-end is not a web/browser based ui. rather it is a simple desktop ui that the user has to input a user name and password. because these users will not be within our network, we don't want to use windows integrated security. we have, instead, opted to setup individual user accounts (with strong passwords). our concern is that we don't want to open the server to everyone in the world, just a few select users. is this possible? if so, is the best method a firewall with ip address filtering??
thanks....for any help.. |
|
|
|
|
Chip Andrews
|
| 09/12/2002 5:46 PM |
Quote
Reply
Alert
|
| Keep in mind that besides authentication you need to worry about privacy.
I recommend that you make use of SSL on the SQL Server by installing a certificate on the SQL Server and requiring SSL for Server connectivity. Install certificate services on a protected server for issuing the server certificate. You will need to make sure that the clients are set to trust the certificate by installing it in the client's root certificate store since hopefully you won't be issuing the certificates from a public CA.
Limiting access by IP is also an "additional" item you can attempt but if the users have roaming IP ISPs then its probably more trouble than its worth.
Another option would be to use a VPN to provide both authentication and privacy.
Chip |
|
|
|
|
wd
|
| 09/12/2002 6:05 PM |
Quote
Reply
Alert
|
| Thanks for the advice. I appreciate it.
...wd |
|
|
|
|
wd
|
| 09/16/2002 2:04 AM |
Quote
Reply
Alert
|
| Chip...(or whoever can reply)..
how does one install a certificate in SQL Server 2000 without IIS running on the same machine??
Thanks......wd
|
|
|
|
|
Chip Andrews
|
| 09/16/2002 11:01 AM |
Quote
Reply
Alert
|
| Load the MMC. Add the certificates MMC plug-in. You can place the certificate in the service accounts personal store or the machine store. |
|
|
|
|