Good morning,
We are having a debate here about development. We in
programming would like to create a generic user account
for example TransDev and have the users use that to create
an ODBC connection to the database versus having it
reference a person. The network admin group says that's a
horrible thing to request. I didn't find such an instance
on your website which answered a lot of my other
questions. Do have a perspective from a security
standpoint where such a request would be a bad thing?
Thanks in advance.
Laura MayerThe advantage of individual accounts is that you can control security per
user. Otherwise, you have no way to restrict access because the
login/password is well known.
A best practice is to create roles and grant permissions only to roles. You
can then control security via user role membership. This works especially
well with Windows authentication since you can login to SQL Server with
individual user credentials without bothering with a separate account.
Hope this helps.
Dan Guzman
SQL Server MVP
"Laura" <anonymous@.discussions.microsoft.com> wrote in message
news:bbda01c4082c$49c97820$a401280a@.phx.gbl...
> Good morning,
> We are having a debate here about development. We in
> programming would like to create a generic user account
> for example TransDev and have the users use that to create
> an ODBC connection to the database versus having it
> reference a person. The network admin group says that's a
> horrible thing to request. I didn't find such an instance
> on your website which answered a lot of my other
> questions. Do have a perspective from a security
> standpoint where such a request would be a bad thing?
> Thanks in advance.
> Laura Mayersql
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment