Skip to main content

SQL Logins



 Logins are the credentials that authenticate connections to an instance. Except in the case of an instance configured to support contained databases, a database user must map to an existing SQL Server login. You can differentiate SQL Server logins based on the type of authentication method used. SQL Server 2012 supports the following login types: 

■ Windows-authenticated login
■ SQL Server–authenticated login
■ Certificate
■ Asymmetric key 

A security principal must have the ALTER ANY LOGIN permission to be able to create SQL logins.

Windows-Authenticated SQL Server Logins:
            Windows-authenticated SQL Server logins are instance logins in which the operating system handles authentication. You can map a Windows-authenticated SQL Server login to a local user account, a local security group, a domain user account, or a domain security group.

To create a Windows-authenticated SQL Server login, use the CREATE LOGIN Transact-SQL statement with the FROM WINDOWS option. For example, to create a SQL Server login by using the local account Local_One on the server SQL-A, use the Transact-SQL statement:


CREATE LOGIN "SQL-A\Local_One" FROM WINDOWS;


To create a SQL Server login using the local security group Group_One on the server SQL-A, use the Transact-SQL statement:


CREATE LOGIN "SQL-A\Group_One" FROM WINDOWS;

To create a SQL Server login using the domain account Account_Two from the domain Contoso, use the Transact-SQL statement:


CREATE LOGIN "CONTOSO\Account_Two" FROM WINDOWS;

To create a SQL Server login using the domain security group Group_Two from the domain Contoso, use the Transact-SQL statement:


CREATE LOGIN "CONTOSO\Group_Two" FROM WINDOWS;

 
SQL Server–Authenticated Logins:
              SQL Server–authenticated logins are authenticated by the Database Engine instance rather than through the host operating system or a domain controller. SQL Server–authenticated login passwords are stored within the master database. If the SQL Server authentica- tion option button is disabled, you must configure the instance to support mixed-mode authentication.


You can create a new SQL Server–authenticated login using the CREATE LOGIN statement and the WITH PASSWORD option. For example, to create a SQL Server–authenticated login named sql_user_a with the password Pa$$w0rd, execute the following statement:


CREATE LOGIN sql_user_a WITH PASSWORD = 'Pa$$w0rd';


You can create a SQL Server–authenticated login to use the password expiration and com- plexity policies that apply to the host operating system by using the following options with the CREATE LOGIN statement:

 ■ CHECK_EXPIRATION Enables you to configure SQL Server–authenticated logins so that the password expiration policy that applies to the host operating system applies to the login. This option can be set to ON or OFF with the default value of OFF.

 ■ CHECK_POLICY Enables you to configure SQL Server–authenticated logins so that the password complexity policy that applies to the host operating system applies to the login. Password complexity policy includes minimum and maximum password lengths and whether the password must contain a mix of uppercase, lowercase, numeric, and symbol characters. This option can be set to ON or OFF with the default value of ON.



Labels:

Comments

Post a Comment

Popular posts from this blog

Self Introduction and Responsibilities of a SQL Server DBA.

Hi, Self Introduction:                      I am Vang chew bigger , currently I am working with   Citronics , Here my role is SQL Server Database Administrator , I am having 3+ yrs Exp in SQL SERVER DBA with T-SQL, I have experience on SQL Server 2000, 2005 and 2008, I have a great experience on installation and configuration of SQL SERVER versions, and also applying the patches, hot fix, services packs and RTM’s accordingly, involved in upgrading on in place and side by side as per client requirement, and also Migrating the database on SQL SERVER 2000 to 2005 and 2008, Solid experience on configuring and maintenance of High availability SQL Server solutions, including Log shipping, Database Mirroring, Replication(Transactional and Merge) and SQL Server Clustering., having experience on performance tuning on server level, database level and query level, Responsible for working with application developers in identifying, resolving and proactively working to prevent performance or oth
3 comments
Read more

SQL Server 2016 Windows Server 2016 Firewall Rule Step-By-Step.

SQL Server 2016 Windows Server 2016 Firewall Rule Step-By-Step. Opening Firewall in SQL Server 2016. Once the SQL Server is installed on the machine. We must enable the incoming traffic i.e., from the application to the SQL Server Database. For this purpose, we must create rule for SQL Server ports so that the application can connect to database & perform the CRUD operations on the tables. Now Let’s start Step-by-Step to enable it. 1.   Start System and Login (As Administrator); 2.   Open Control Panel. Click on Windows Firewall; 3. Now click on Advanced Settings; 4. Windows Firewall console open. If you click on Properties (right side) – you can disable firewall for all networks. We going to Inbound Rules (left side) for our rule creation; After Clicking on the Inbound rules. We will see the below screen.  Click on New
Post a Comment
Read more

Shrinking a SQL Server Log File with Database in Always ON Availability.

Shrinking a SQL Server Log File with Database in Always ON Availability.                    Once we had a situation in our production server that the database which is in Always ON Availability group has been grown to the maximum size.  Many of them say that we can't shrink the log file as the database is in Always ON and we should take the downtime to perform the operation. But we shrink-ed the database log file to 5 GB from 180 GB. Steps are as below: --To Check the Number of pages allocated by the LogFile. DBCC LOGINFO --To check the file sixe sp_helpdb [SQLPantry] --To check the Log file Size DBCC SQLPERF(LOGSPACE) The above statement will show the logspace of all db at present situation. --To check the Log_reuse_wait description of a log file. select log_reuse_wait_desc,* from sys.databases The above statement will show the status of the log whether it has to be backuped i.e., LogBackup, Nothing, Active Transaction.  When ever there is status as Activ
1 comment
Read more