Application Security

We have a Visual Basic 5 .exe that is used to launch an application process
to import files from our application server to update the database server.
Both servers are Windows 2003 Server Standard Edition. The application laun
ches MS Access 2000 and imp
orts files into an Access database table and then connects to our database s
erver hosting SQL Server 2000 Sp3 to update a master table of users.
The VB app is launched with a local account on the app server and uses a reg
istry value to get the database connection string using SQL Authentication.
We have noticed an authentication error message (Failure Event ID 529) on t
he SQL server for the accou
nt launching the scheduled task that runs the imports. The error only occur
s on the SQL server when a load occurs on the application server. The load
occurs when users run a Web .ASP application and run end of month procedures
. It connects to the same
SQL server with the same SQL Authenticated credentials.
The import VB application does not start to authenticate unless a load is pr
esent on the server. Why would the security context change and go away from
SQL authentication' The work around so far is to use a domain account or
mirrored account on the SQL
server.
Thanks.It sounds like the VB application is using a connection string that is
requesting Windows Authentication. This is why it works if you
use a domain account or duplicate the user account and passwords. Check
the Security tab in Enterprise manager and verify that you are allowing
both SQL and Windows Authentication. Enable auditing for both failed and
successfull logins and test using both standard and Windows authentication
to validate the logging.
Thanks,
Kevin McDonnell
Microsoft Corporation
This posting is provided AS IS with no warranties, and confers no rights.