SQL Server Security

SMS uses SQL Server security to provide access to the SMS site database. SQL Server provides two authentication methods. Windows Authentication is available for all SQL Server network libraries, and it authenticates access based on the Windows account. SQL Server authentication uses SQL Server-specific accounts that are maintained within SQL Server. The SQL Server account must be specified when making the connection to SQL Server. SQL Server Authentication is present for backward compatibility and for clients running Windows 95 and Windows 98. Its use is discouraged for servers in an enterprise environment.

Mixed security is not an explicit option for SQL Server. Windows Authentication is always available. SQL Server Authentication can be enabled and disabled. The effect of mixed security is achieved by enabling SQL Server Authentication.

SQL Server provides roles, which resemble Windows group accounts that have members. Permissions are assigned to roles using GRANT, REVOKE, and DENY statements. DENY explicitly denies permission on an object and takes precedence over all other permissions.

For more information about SQL Server security, see to the SQL Server documentation.

For More Information

Did you find this information useful? Please send your suggestions and comments about the documentation to smsdocs@microsoft.com