I have my sql server 2008 setup with mixed mode authentication. I went into sql server and added a new login and referenced an active directory user.
But it seems like all the windows authentication based stuff only ever works with whatever was used to login to the operating system. So I’m outside their domain on my machine and I can’t connect. But even if I remote desktop into the server itself, using a seperate remote desktop login, even on that machine, I can’t login using the active directory user since in the login box, if I choose window auth, I can’t specifiy a different name, and sql server auth says invalid login. I don’t see how to supply a windows username and password JUST when logging into sql server.
And also, what about my .net apps? I don’t want to hardcode a sql server auth username/password into my encrypted connection string, i want to hard code a windows active directory username/password into the connection string.
And then reporting services, aarrghhh.. Does reporting servies ONLY work with windows logins? If so, then I’m stuck with getting the above working. If not, how do I configure a sql server login to also let me access all our reports?
This is a really broad question; I’ll give a survey of some of the different topics you address. I work in a hosting provider and we have many domains with no trusts between them, so I deal with this on a daily basis.
Yes, SQL Server Windows authentication really wants to use the credentials running the client application. You can work around this with the RunAs /netonly switch:
Authentication for .NET apps is a big topic. Lots of options and chapters, if not books have been written on this.
Regarding Reporting Services: most of this access is through a browser. So this will use whatever credentials you supply to your browser. In IE this is controlled through the security zones and settings of whether your current credentials should be used or if you should be prompted.