Can we limit the number of users (For ex. 5) for a particular login
Or Is there anyway to restrict the particular User using POLICY MANAGEMENT in SQL SERVER?
Please kindly help me to implement this.
Don't think it could be done with PBM, but you can solve this by creating a logon trigger, and in the trigger do a quick query on sys.dm_exec_sessions, counting sessions with the original_login_name same as suser_sname().
Beware that an error in login trigger could prevent all logins and render the instance unaccessible. To fix this, start the service in single user mode (-m).
Hope it helps.
Related
I'm trying to update this users permissions in sql server but it will not allow me. I am getting this pop up message whenever I try. I only see one account for this user. Is there a way to check to see if there are more than one and delete the one that is not in use? Not a dba at all but got tossed into this. Thanks.
This is the section I'm trying to update. It is from Databases --> security --> login and right clicking.
It seems to be missing the login name? How can I edit to add?
We are setting up a new application framework and we are wondering the best practices for setting up database security for our users. In our old framework, there was a user logon process and once the user was logged on, the framework controlled what forms and menu options a user was permitted to. All users accessed the database with the same user account.
The disadvantage to this approach is that you cant use SYSTEM_USER to find out who is making a particular database request.
The new framework will still have a logon form and it will control what menu options a person can access. Should we be setting up a database user account every time a new user is added to our application? Would this cause any licensing concerns since you cant use connection pooling?
It won't cause licensing issues, but it will generate a large number of connections which may cause performance issues.
A better solution would be to add a parameter to your stored procedures to pass in the UserID of the current user so that it can be logged.
If passing in the parameter is undesirable, you can put the current user in CONTEXT_INFO(), or if you are using SQL 2016, SESSION_CONTEXT() and log it from there. https://www.mssqltips.com/sqlservertip/4094/phase-out-contextinfo-in-sql-server-2016-with-sessioncontext/
I'm building a Laravel website and I'm using the database driver to manage sessions. I created the sessions table in database and migrated with php artisan. Everything works as expected.
What I really want to do now is to check the role of the users that are online but I don't know how to get this with the fields of the sessions table in the database.
I don't really understand how the sessions table work, because I see that it registers a new row when I access to the login page, but it doesn't change when the user has logged in and when the user has logged out.
All I wanted is to check the role of the users active in the app....
Someone can help me with how to get to this?
Thank you!
I suggest you a very simple way. Just in your users table add a field called "is_online" that is 0 by default. When the user logs in , just change it to 1 and when he logs out change it back to 0. So DB::table('users')->where('is_online' , 1)->all() returns the online users.
I can print
System.Security.Principal.WindowsIdentity.GetCurrent().Name is #System.Security.Principal.WindowsIdentity.GetCurrent().Name
in a razor (.cshtml) file, however, I do not know how to print the app pool or verify that it is indeed accessing the database to login to it (as the login currently fails, that portion is an even tougher question).
This may require creating a string in the controller action trying to access the database, e.g. near something like:
db.myTable // etc
Thanks in advance.
The name you are returning in the code sample is the windows user id that the app pool is using (look in the app pool properties to see what windows username it is using).
This user name, complete with domain name, needs to have access to the db.
You may like to create your own windows user just for the app pool to use something other than local service as it may not be a good idea to give any local service access to your database.
As Will says in his comment, sql profiler should be able to help you find out what's happening if you are not sure.
we have a database with distinct login for every employee. Full of triggers checking permissions, writing logs of user activity, etc. Now I am writing a simple CakePHP interface to a part of it.
What I need to achieve is to connect to the database through CakePHP. Something like connect() method that will try to connect to DB with entered credentials and, if successfull, will keep that connection and access the CakePHP application.
Well, I am googling since yesterday but can't find any direction. Do you know about any article/example..., that would help me with this task?
Thank you very much for your time.
-Petr
there is information on how to do this in the book http://book.cakephp.org/view/1250/Authentication