|
The integrated login feature allows you to maintain a single user ID and password for both database connections and operating system and/or network logins. This section describes the integrated login feature.
Integrated login capabilities are available for database servers running on Windows. It is possible for Windows clients to use integrated logins to connect to a network server running on Windows.
An integrated login is a mapping from one or more Windows users or Windows user group profiles to an existing user in a database. A user who has successfully navigated the security for that user profile or group and logged in to a computer can connect to a database without providing an additional user ID or password.
To accomplish this, the database must be configured to use integrated logins and a mapping must have been granted between the user or group profile used to log in to the computer and/or network, and a database user.
Using an integrated login is more convenient for the user and permits a single security system for database and network security. Its advantages include:
The user does not need to type a user ID or password.
User authentication is done by the operating system, not the database: a single system is used for database security and computer or network security.
Multiple user or group profiles can be mapped to a single database user ID.
The name and password used to login to the Windows computer do not have to match the database user ID and password.
| Caution
Integrated logins offer the convenience of a single security system, but there are important security implications that database administrators should be familiar with. See Security concerns: Unrestricted database access, and Security concerns: Copied database files. |
Creating integrated logins for Windows user groups
Setting up integrated logins
Network aspects of integrated logins
Creating a default integrated login user
Security concerns: Unrestricted database access