Friday, August 22, 2014

Difference between Integrated Security = True or SSPI


I am pretty sure that when we work with connection strings we would have come across this multiple times. 

"Persist Security Info=False;Integrated Security=true;Initial Catalog=Northwind;server=(local)"

Below is an explanation:

Integrated Security -or- Trusted_Connection (Default value = 'false')

1. When false, User ID and Password are specified in the connection.

2. When true, the current Windows account credentials are used for authentication.

3. Recognized values are true, false, yes, no, and sspi (strongly recommended), which is equivalent to true.

4. If User ID and Password are specified and Integrated Security is set to true, the User ID and Password will be ignored and Integrated Security will be used.

Exception - With an OLE DB (non SQL) connection:

1. Integrated Security is not equivalent to Trusted_Security.

2. TRUE and YES are not the same as SSPI.

To use Windows authentication with OLE DB, one must use "Integrated Security=SSPI". 
Using TRUE or YES for this value does not work. 
Using Trusted_Connection with any value does not work.

No comments:

Post a Comment