SQL Server Performance

Allow Multiple Logon with One Username

Discussion in 'SQL Server 2005 General DBA Questions' started by tmccrank, Nov 15, 2005.

  1. tmccrank New Member

    Hi All,

    I have SQL Server 2005 installed on a Server 203 Ent. box. I am using a message board for communication within the department, but I want to set it up so that it's one username for all staff. Is it possible to make it so that I can have more than one person logged in to the database using the same logon? If so, how would I go about this?
  2. derrickleggett New Member

    You can have as many people as you want using the same logon for SQL Server connections in 2000 or 2005. Why are you wanting to do this though? Do you want to give them different logins, but only have one login to manage? Are you wanting them to have their own logins on the message board, but the message board application only have one login into SQL Server? Or, do you actually want to just have one login?? Personally, I would think the one login would be a really bad idea. How new are you to SQL Server?

    MeanOldDBA
    derrickleggett@hotmail.com

    When life gives you a lemon, fire the DBA.
  3. tmccrank New Member

    I'm not that new to it. I'm also no wizard...

    The reason I want one login is this:

    I support nurses in an NICU department. Anything new is impossible to implement if they have to learn something. I want to give access to all NICU nurses without giving them individual accounts. They will not setup their own account, and I do not have the time to be constantly updating membership lists for over 200 nurses. This is why I want the same user account for all people. This way they can all use the same account. The problem is, when I login to the message board, as soon as someone else logs in at the same time, it always punts me out. This is a problem because we need to be able to have approx. 15 people logged in at the same time. Does that simplify my dilemma? Hopefully you can help.

    Thanks.
  4. Adriaan New Member

    They already have access to the system - so aren't they logged on to a network under their own Windows account? In that case, use integrated security, and assign permissions to an NT group to which only the nurses belong. Make it clear that the network administrator must know who is a nurse, and you're done.
  5. mulhall New Member

    On your message board, how does one differentiate one persons post from anothers?

    Also, IIRC as nurses don't sit at desks all day, it's likely that they leave a single PC logged in all day.

    I would suggest using an anonymous message board.



    Incidentally, where does SQL fit into all of this? If it's an IIS front end and SQL simply stores the messages, all you have to do is configure your front end to access SQL with a single account.
  6. tmccrank New Member

    Yes, they all have Domain logon accounts. However, there is no group setup for Nurses within the department. Therefore, I cannot grant logon access to a specific group. The message board is meant to be anonymous, which is why I am using the same logon for all people. The problem is that only one person can be logged on with that username at once. Also, the Nurses do not stay logged on to a PC all day. They do their work and log off.
  7. tmccrank New Member

    I think the problem is that SQL Server 2005 is not allowing simultaneous connections to the DB using the same logon.
  8. Adriaan New Member

    quote:However, there is no group setup for Nurses within the department. Therefore, I cannot grant logon access to a specific group.
    So what's the problem with creating a group for this purpose?

    And how anonymous is anonymousm here? As long as no one is monitoring logins, and you're not storing login information with the data being entered, that could be anonymous enough.
  9. tmccrank New Member

    The problem with creating a group is that we have over 200 nurses in the unit, and it's constantly changing in terms of hiring, quitting, department transfers, etc.
  10. Adriaan New Member

    But you are letting them log on to a pc?

    Another thing is that it sounds like your system uses bound forms or something. If the client app would work with unbound forms, where all selects, inserts, updates and deletes are implemented through stored procedures, then the app is connected to the database only very briefly and for a short time. There should not be an issue with the same login executing multiple stored procedures over (for instance) ADO connections.
  11. tmccrank New Member

    They are logged onto a PC, they have to be. So they're logging on with their Domain account, but the problem is if Person A is logged into the message board using the generic NICU account, and Person B logs on using NICU, Person A refreshes a page, or clicks any link, and it has logged that session out because of Person B being logged in recently.
  12. Adriaan New Member

    Yes, that's when using a generic account. It wouldn't happen if the client app checks the current network login each time before contacting the message board server app.
  13. tmccrank New Member

    I'm not setting up a group for the message board to authenticate through. It's too much work and I don't have time to update it all the time.
  14. Adriaan New Member

    OK, so you have a problem, and you have a solution. Think priorities.
  15. satya Moderator

    I know of certain applications that map all application users to a single SQL login. Though it appears as one user opening multiple connections, it can be actually multiple users accssing database with single SQL login.

    Satya SKJ
    Contributing Editor & Forums Moderator
    http://www.SQL-Server-Performance.Com
    This posting is provided “AS IS” with no rights for the sake of knowledge sharing.
  16. mulhall New Member

    Adriaan is correct, the solution is to create a group for the users this would take roughly 3 minutes all told.

    Managing membership of that group is not a problem, there is already work for the guy who creates and deletes their accounts anyway.



    A worse solution would be to allow anonymous connections on IIS, and grant the anonymous account access to SQL.

Share This Page