I'm using SQL Server 2005 Express Edition for the first time for a Timeclock
application I've written in VB6. SQL and the application itself will be
installed on a standalone at a remote retail location for use by about a
half dozen employees. While none of them are PC gurus, once and awhile you
encounter a hacker wanna be you knows enough to explore where they
shouldn't.

Normally, user logins have only Standard User rights but because of another
proprietary backoffice application, the universal login used by the staff
must have Windows Administrator rights. This brings me to my question: "When
I setup my database on the PC, should authentication be Windows or a
separate SA password?" My thinking is if Windows Authentication then it will
be possible for any employee to run a query or use SSMSE to view/modify the
tables. If use SA with a password, I'm assuming I would have to include this
in my Open Connection code within my application.

Thanks in advance,

Barry

BCS (bswed***@tayloroil.com) writes:
Show quoteHide quoteA universal login? That's sounds bad in my ears.

That other application, does it require admin access in SQL Server, or
in Windows only? In the latter case you could revoke ccess for
BUILTIN\ADMINISTRATORS, so that in SQL Server users will not have admin
access.

Some user who is trustable must of course will have sysadmin rights in
SQL Server. This could be sa if you enable SQL Server authentication, but
I don't recommend sending the sa password over the wire with application.

convert flat file to native file format for bcp
Query Help: Counts & Sums
Passing back more than 1 output parameter to VBA code
The command(s) completed successfully. - Can i turn this output off?
preparing monthly report