Hi, my company currently runs a native domain, and within the domain, a
corporate SQL database.
At the moment i need to add new users to the AD infrastructure, and then to
the SQL database.
is there anyway i can link the SQL table containing u/names & passwords to
AD, so i do not need to keep updating both?
TIAHi Fred
"Fred" wrote:
> Hi, my company currently runs a native domain, and within the domain, a
> corporate SQL database.
> At the moment i need to add new users to the AD infrastructure, and then to
> the SQL database.
> is there anyway i can link the SQL table containing u/names & passwords to
> AD, so i do not need to keep updating both?
> TIA
>
You would be better adding the users to a AD group and then giving that
group access to SQL Server, then all the admin of adding users is done in the
AD.
John|||Many thanks for the reply,
i may have not myself clear, but the users credentials are currently stored
within the SQL database and also obviously in AD.
I'm looking to get AD to populate whats in the SQL database automaticaly.
"John Bell" <jbellnewsposts@.hotmail.com> wrote in message
news:056B6E3C-3AF7-46E3-9BD5-4E0B2318EC7A@.microsoft.com...
> Hi Fred
> "Fred" wrote:
>> Hi, my company currently runs a native domain, and within the domain, a
>> corporate SQL database.
>> At the moment i need to add new users to the AD infrastructure, and then
>> to
>> the SQL database.
>> is there anyway i can link the SQL table containing u/names & passwords
>> to
>> AD, so i do not need to keep updating both?
>> TIA
> You would be better adding the users to a AD group and then giving that
> group access to SQL Server, then all the admin of adding users is done in
> the
> AD.
> John|||Fred wrote:
> Many thanks for the reply,
> i may have not myself clear, but the users credentials are currently
> stored within the SQL database and also obviously in AD.
> I'm looking to get AD to populate whats in the SQL database automaticaly.
>
Hi Fred,
I think you need to read up on Security in SQL Server. In SQL Server you
can use Windows authentication and/or SQL Server authentication.
SQL Server authentication means that the loginname/userid (and password)
ONLY exists in SQL server and has nothing to do with your AD.
Windows authentication means that you give an Active Directoy userid
access to you SQL server databases. This can be done either via group
memberships as suggested by John or you can give single users various
rights in SQL Server. If you give access based on AD groups, you can
don't have to go to the SQL server to assign rights, but you can do it
directly from the AD gui. This will of course require that you can
define some general rights for a group of users.
--
Regards
Steen Schlüter Persson
Database Administrator / System Administrator|||Hi
"Fred" wrote:
> Many thanks for the reply,
> i may have not myself clear, but the users credentials are currently stored
> within the SQL database and also obviously in AD.
> I'm looking to get AD to populate whats in the SQL database automaticaly.
>
As Steen points out this should not be necessary for logins, but if a list
is needed for some other reason you can query AD through an ADSI linked
server see
http://msdn2.microsoft.com/en-us/library/aa772170.aspx
http://msdn2.microsoft.com/en-us/library/aa746379.aspx
or through a scripting such as http://support.microsoft.com/kb/319716
John|||Many thanks for your input guys,
i'll start reading up on this through your links etc.
Cheers
"John Bell" <jbellnewsposts@.hotmail.com> wrote in message
news:29C53C3C-41EF-4C6C-A9F8-F4783BE4E9F1@.microsoft.com...
> Hi
> "Fred" wrote:
>> Many thanks for the reply,
>> i may have not myself clear, but the users credentials are currently
>> stored
>> within the SQL database and also obviously in AD.
>> I'm looking to get AD to populate whats in the SQL database automaticaly.
> As Steen points out this should not be necessary for logins, but if a list
> is needed for some other reason you can query AD through an ADSI linked
> server see
> http://msdn2.microsoft.com/en-us/library/aa772170.aspx
> http://msdn2.microsoft.com/en-us/library/aa746379.aspx
> or through a scripting such as http://support.microsoft.com/kb/319716
> John
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment