where Windows Authentication is stored?

Question

1.00/5 (1 vote)

See more:

Where windows-authentication is stored which we can use to log-in SQL-server?

SqlServer must be getting user name and password from some mechanism? From where it get that details? Does it invoke some OS method to get that?

OR Somewhere it is stored which it use automatically?

Posted 5-Jun-11 22:06pm

sushil_gupta

Updated 5-Jun-11 23:11pm

Dylan Morley

v2

Add a Solution

Comments

Dylan Morley 6-Jun-11 5:21am

Please have a look at the article I posted regarding Kerberos.

SQLServer doesn't get 'username and password' from anywhere, you've gone through a ticket 'challenge and response' mechanism with an authentication server that will allocate you a ticket

SQLServer is checking the Ticket you've been allocated, this is how it knows who you are and your credentidals are valid

Have a look at this article as well

http://learn-networking.com/network-security/how-kerberos-authentication-works

4 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Prerak Patel · Answer 1 · 2011-06-05T22:17:00

Solution 1

Windows authentication is not stored anywhere. It allows you to use your windows/AD username and password to connect to database.

http://databases.about.com/od/sqlserver/a/authentication.htm[^]

Posted 5-Jun-11 22:17pm

Prerak Patel

Comments

Sergey Alexandrovich Kryukov 6-Jun-11 15:15pm

It's correct (a 5), but why?
I think OP lack of understanding what authentication does in principle.
Please see my explanation.
--SA

Simon_Whale · Answer 2 · 2011-06-05T22:23:00

Solution 2

You can check the Login Property[^] for a particular user, but as Prekak Patel has said the Authenication isn't stored on SQL Server

Posted 5-Jun-11 22:23pm

Simon_Whale

Comments

Sergey Alexandrovich Kryukov 6-Jun-11 15:14pm

Good, my 5. I think OP lack of understanding what authentication does in principle.
Please see my explanation.
--SA

Dylan Morley · Answer 3 · 2011-06-05T22:24:00

Solution 3

As mentioned, Windows Authentication details aren't stored anywhere.

Have a look at the Kerberos Protocol[^] which describes the one way hashing and Ticket based system.

Posted 5-Jun-11 22:24pm

Dylan Morley

Comments

Sergey Alexandrovich Kryukov 6-Jun-11 15:07pm

My 5.
--SA

Sergey Alexandrovich Kryukov 6-Jun-11 15:15pm

I think OP lack of understanding how security works in principle.
Please see my explanation.
--SA

Sergey Alexandrovich Kryukov · Answer 4 · 2011-06-06T09:13:00

Solution 5

Apparently you're not getting the answers. Let give you some explanation. I don't know where the authentication is stored in each case, but I know for sure that the password is not stored anywhere. Not at all! This is because to store a password means to betray the owner of the password, and because the password is not needed for authentication (surprise?).

There are different techniques; the simplest one is using a Cryptographic Hash Function, see http://en.wikipedia.org/wiki/Cryptographic_hash_function[^]. You hash the password and store the hashed form of it only. To authenticate, you only need to compare one hashes password with the stored hashed password, never a password itself. You never need it. And this is impossible to refer the hash to get original password. Each Cryptographic Hash Function is designed to prevent that.

—SA

Posted 6-Jun-11 9:13am

Sergey Alexandrovich Kryukov

Comments

Simon_Whale 6-Jun-11 17:17pm

in respect to SQL server - windows authentication mode it uses the username and password that is stored within AD (Active Directory)

Sergey Alexandrovich Kryukov 6-Jun-11 21:44pm

I'm not an expert here. Could you confirm that a password is not stored as is, in its original form, but is stored in its encrypted or hashed form?
--SA

sushil_gupta 6-Jun-11 22:43pm

Actually I was looking for that kind of answer.
So SQL server gets the information from AD(Active Directory). Thanks you so much.

Sergey Alexandrovich Kryukov 7-Jun-11 16:31pm

You're very welcome.
If so, will you this answer as accepted, formally (green button)? You can mark more then one.
Thank you.
--SA

Prerak Patel 7-Jun-11 5:24am

Nice explanation, my 5...

Sergey Alexandrovich Kryukov 7-Jun-11 16:30pm

Thank you, Prerak.
--SA