Forum / Remote Desktop Manager - Support

SQl access and AD user access

Greetings,
I have a RDM enterprise site license and have it configured to connect to a server 2012 & sql 2012 instance which is working fine.

The issue is that users can connect to the database without being defined as a user in the RDM administration and I don't know why.
Users can connect and use the database but cannot work offline until I add their domain username as integrated and give them that right.

What I would like to ensure is that users cannot connect to the database unless this has been done first.

regards

Clock5 yrs

Hi,
The problem is that you use the integrated security with SQL Server. This means that they can connect to the database because SQL Server allows them. I could add an extra layer of validation in the application but they will still be able to connect directly to the database with another tool.

David Hervieux

signaturesignature

Clock5 yrs

so, any user can connect to the sql database? regardless of their addition/non-addition via user administration in RDM

note, I have configured the db connector with integrated security
but users are also defined in the database with integrated security.

What is the correct way to configure access to the SQL database?

Should I be using a specific user account for db connection datasource, and then use integrated security within the db?

Clock5 yrs

Hi Paul,
That's the major difference with Remote Desktop Manager Server. The user are not directly connected to the database.

You other suggestion does not exists in the application, you only have one login and you can't use a different or generic user to access the database.

I know it's not perfect and this is why we have the other product because it's a different architecture.

David Hervieux

signaturesignature

Clock5 yrs

sorry to be a pain, but then why have user administration in RDM , what am I not understanding in the configuration.
the users connect either as a specific sql account (created by the administration user menu) or as integrated. and the database connector is either sql, or integrated.

I assumed as it was all set to "integrated" than an unauthenticated user would be restricted from the database.

if any user can connect, but the defined user permissions provide authority to functions (eg offline) does that mean the default access to the db is effectively as if the undefined user had all the items unchecked in the user definition, eg unable to view, go offline, edit, delete etc, as this would be acceptable as their access is logged.

Clock5 yrs

Hi,
By default an unauthenticated user does not have access to the database. However someone must have given the full access to all user directly in SQL Server. This is not related to RDM. Most of the time, someone has given access to an AD group in SQL Server.

Could you verify with SQL Server Management Studio?

David Hervieux

signaturesignature

Clock5 yrs