Urgent! Need to map SQL authenticated ID to IP

  • Hi All,

    We have an urgent client requirement, as follows:

    We need to create a SQL authenticated ID which will accept connections only from our IIS server.

    System Name    IP
    SQLServer      100.100.1.1
    IIS            100.100.1.2

    Any suggestion would be greatly helpful.

  • Not sure if I understand your requirement correctly. If you want to restrict connections coming from other clients like your IIS server, you could create a DDL LOGON trigger, which would roll back any logon attempts coming from other hosts. You cannot do it by IP address but only by hostname.

    But be very careful implementing this, because it would mean that all your DBA tasks must be coming from that host too. You wouldn't even be able to log on locally on the SQL Server.

    Markus Bohse
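
The logon-trigger approach from the post above, as an added example that is not part of the original thread. It scopes the check to one login so that other logins are unaffected, and reads the client address from the LOGON event's `ClientHost` field; the login name `iis_app_login` and the trigger name are hypothetical, and 100.100.1.2 is the IIS address given in the question.

```sql
-- Added example (T-SQL): server-level logon trigger.
-- Assumptions: 'iis_app_login' is a hypothetical SQL-authenticated login;
-- 100.100.1.2 is the IIS server address from the question.
USE master;
GO

CREATE TRIGGER trg_restrict_iis_app_login
ON ALL SERVER
FOR LOGON
AS
BEGIN
    -- Only check the one application login; every other login
    -- (DBAs, SQL Agent, services) passes through untouched.
    IF ORIGINAL_LOGIN() = N'iis_app_login'
    BEGIN
        DECLARE @client_host nvarchar(48);

        -- ClientHost holds the client IP address for TCP connections,
        -- or '<local machine>' for connections made on the server itself.
        SET @client_host = EVENTDATA().value(
            '(/EVENT_INSTANCE/ClientHost)[1]', 'nvarchar(48)');

        -- Fail closed: an unknown or different origin ends the login attempt.
        IF @client_host IS NULL OR @client_host <> N'100.100.1.2'
            ROLLBACK;
    END
END;
GO

-- Confirm the trigger exists and is enabled.
SELECT name, is_disabled
FROM sys.server_triggers
WHERE name = N'trg_restrict_iis_app_login';
```

If a logon trigger ever blocks administrators, a sysadmin can still connect over the dedicated administrator connection (`sqlcmd -A`) and run `DROP TRIGGER trg_restrict_iis_app_login ON ALL SERVER;`.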

  • In cases where traffic to a SQL Server needs to be restricted to certain machines, I simply get with the network team and have them set up routing rules through the firewall to accept only traffic from those machines I need.

    Benjamin Lotter
    http://BenjaminLotter.info/
    http://www.LinkedIn.com/in/BenjaminLotter
    Delight thyself also in the LORD and He shall give thee the desires of thine heart.
    ~Psalm 37:4

  • I assume this is to simulate MySQL's ability to use the originating host as part of the user identifier? It differentiates me@myhost from me@yourhost. This always struck me as an archaic holdover from the bad old *nix days without any common method of central authentication and some squirrelly issues with the old password systems. It has some weaknesses and I've cracked a few MySQL systems that lost access due to network reorgs.

    Your net admins should be able to keep unwanted systems from connecting.
