Previous page

Next page

SQL Server Authentication Process

Summary

Before a user can perform a task or access the PayGlobal database, SQL Server must authenticate the user.

When SQL Server is installed, the authentication mode, which specifies how users can log on, is set up. There are two options:

  • Windows (or NT) Authentication
  • Mixed Mode (Windows Authentication and SQL Server Authentication)

Both modes are supported. The PayGlobal installation defaults to creating a PGUser, which is used in SQL Server Authentication. If a PGUser is not specified, Windows Authentication is used.

Windows (or NT) Authentication

Users are authenticated when they log onto the Windows domain. SQL Server can be requested to trust this authentication, but each user's security must also be set up in SQL Server for verification.

Windows Authentication is more secure but slightly more complex to set up. Use SQL Server Enterprise Manager to grant Windows users and groups access to the SQL Server. As part of this process, you can authorise them to perform server tasks, grant them access to the PayGlobal database and add them to database roles. This task is performed one user at a time.

Mixed Mode (Windows Authentication and SQL Server Authentication)

SQL Server performs the authentication by checking to see if a SQL Server login account has been set up and if the password matches the one stored in the sysxlogins table. This enables multiple users to access the PayGlobal database on the SQL Server using only one user name and password.

Changing authentication modes

If required, a Server that has been set to use Windows only authentication can be switched using SQL Server Enterprise Manager. On the Security tab of the SQL Server Properties dialogue box click the SQL Server and Windows option. Click OK.

You must stop and restart the SQL Server service for the change to take effect. If the SQL Server agent is also running, you will be prompted to stop this service as well. The SQL Server Agent service will not be restarted automatically, so you will need to start it manually.

Security Note

The default sa login which is used for Mixed Mode authentication, should have a password assigned to it. The default password for this login is blank. Leaving the password blank is a common cause of security breaches in SQL Server.

See also

SQL Database After Installing PayGlobal

SQL Database in PayGlobal

SQL Recommended Configuration

Previous page

Next page