Summary
Using the nodejs tedious driver, I am able to specify any domain name to connect to my instance of SQL Server via NTLM authentication, and am then capable of querying the database with this connection.
Background
The tedious driver is used as the db connector for essentially all of the popular node SQL Server modules (node-mssql, typeorm), and unsurprisingly I am encountering this issue when testing with all three modules.
Historically I believe this hasn't been an issue so I am starting to wonder if maybe this has to do with the configuration of the Windows box that I am using (Win Server 2016). Unfortunately my knowledge of Windows administration is lacking.
There is currently an issue filed against the official GitHub for the tedious driver that covers exactly what I'm experiencing, but I don't see how the driver could be the source of this.
Things I've Tried
- VMs that are connected to a Windows domain
- VMs that are not connected to a Windows domain
- Connecting with a user that isn't the default Administrator
- Checking the Event Viewer logs after a successful login attempt
- this shows the SecurityID, Account Name, and Account Domain as all the correct values (rather than the incorrect ones that I specify in the connection configuration)
Reproduction
npm install tedious
let config = {
server: '<server ip>',
port: 1433,
authentication: {
type: 'ntlm',
options: {
domain: 'WRONGDOMAIN',
userName: 'Administrator', // update me
password: 'password' // update me
}
},
options: {
database: '<database name>'
}
}
I can then connect to the database regardless of what the domain value is, as long as the user has the required permissions.
