0

I have a windows forms application which connects to an SQL Server 2008 R2 database using variously SMO, databinding, and ODBC connections.

Currently it uses entirely Windows authentication, but a client has requested that we also allow SQL Server logins.

Given the only Windows login I have, and can have, is my own, what can I do to test whether my code is actually using the SQL Server login and not simply connecting using my own Windows login?

Alternatively, what can I do to refine this question so it makes sense?

Thanks

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
Melanie
  • 1,349
  • 2
  • 17
  • 27
  • serverfault.com may be better place to ask about how to configure SQL server to use *only* SQL logins (assuming your only account ends up being SQL admin...). Also I have no idea how you can test any client/server configuration when you have single account... – Alexei Levenkov Jul 01 '13 at 06:01
  • my only account is SQL Admin; it looks like what I need to know is how to deny myself. – Melanie Jul 01 '13 at 06:55

1 Answers1

0

Your question is too general but here are some steps you should take.

  1. Create new sql login and only give necessary permissions to this user
  2. Update all connection strings in your application. If these are not consolidated in one config file now is the good time to do this. You can even consider creating a separate class that will handle this.
  3. Add login form to your app that will be shown at the application startup so that user can enter credentials

Best way to test this is to simply disable your windows user in SQL Server and see if application is still running.

Mark Davidson
  • 414
  • 6
  • 4