Authenticating connections to SQL Server
All users connect to an iBase SQL Server database using the same SQL Server login identifier (ID) and password, which is saved as part of the database properties.
- when any iBase user logs on to a security file and opens the database
- when any iBase administrator upsizes a database from Access to SQL Server format, creates a new database or uses the Database Configuration utility
The identity of the user attempting to connect is authenticated by using one of the following mechanisms (as defined as part of the SQL Server login):
- SQL Server authentication
- Windows authentication, sometimes called integrated security, where SQL Server accepts the fact that a user has logged on to a Windows domain as sufficient permission to connect to the server. (This is a more secure method than SQL Server authentication because it uses the Kerberos authentication protocol.)
You can also inspect the server and login names in the Database Properties dialog in iBase Designer.
Before you can create or upsize a database, the SQL Server login name and password must be
configured in Microsoft SQL Server, for example by your SQL Server administrator. As a minimum, the
login must have the
dbcreator server role.
After creating an iBase SQL Server database, the SQL Server login and password are stored, encrypted, in the connection file (.idb file).
It is your choice whether all iBase administrators who create databases use the same SQL Server login and password, or whether each iBase administrator has an individual login. Individual logins make it easier for the SQL Server administrator to trace the owner of a database on the server, so you might prefer this option if several users are likely to create databases.
Changing the SQL Server login after database creation
Because the SQL Server login is used when any user logs on to a security file and opens the database, you might prefer to change the login after you create the database to an SQL Server login with a lower level of permissions or to use Windows authentication instead.
You can do this using the Database Configuration utility. This is a much safer method than changing settings while a database is open, using the Database Properties dialog.