Connecting to a Microsoft SQL Server database
This topic describes how to connect to the Microsoft SQL Server Database and how to handle the security and authentication.
Connect to the database
StarTeam Server requires Microsoft SQL Server authentication to connect to Microsoft SQL Server databases, rather than the default Microsoft Windows authentication. If you install Microsoft SQL Server using the default settings for security and authentication, StarTeam Server will experience problems connecting to the database.
To specify the security to use when connecting to Microsoft SQL Server:
- Start the Microsoft SQL Server Installation Wizard.
- Go to the Authentication Mode page of the wizard.
- Select Mixed Mode (Windows Authentication and SQL Server And Windows option button (instead of the Windows Only option).
- Type and retype the password to use.
- Click Next to complete the rest of the wizard.
Windows authentication support for Microsoft SQL Server
The StarTeam Server database administrator needs to set up the Windows authentication for the SQL Server.
To set up the authentication:
- Create a domain service for StarTeam Server admin. For example: service.starteamadmin
- Login to the StarTeam Server machine as an administrator and add that account to the administrator group.
- Shutdown the StarTeam Server.
-
Login to Microsoft SQL Server database machine and add the service account to Microsoft SQL Server and change the db ownership to this account using the following script. The following script adds login service.starteamadmin to Microsoft SQL Server.
Login as sa
Use master
GO
Create LOGIN [<domain name>\service.starteamadmin] FROM WINDOWS WITH DEFAULT_DATABASE=<starteam database name>GO
Use <starteam database name>GO Exec sp_changedbowner [<domain name>\server.starteamadmin]
GO
Replace <starteam database name> with the StarTeam Server database name and <domain name> with the domain name.
-
Log back in to StarTeam Server production machine using the StarTeam Server service account.
- Go to Server Administration and open the configuration properties.
- Click on the Database Connection tab.
- Check the box Use Windows Authentication then click Verify to verify database connection.
- Click OK.
- Click the menu option .
- Uncheck the localsystem account and define the service using StarTeam Server service account.
- Make sure the user account settings are set to Never Notify.
- Start the server.
Microsoft SQL Server security
SQL Server uses a standard security model that involves the following entities and concepts:
- Securable. Represents a resource or target object that requires securing, such as a database view.
- Principal. Represents a user who requests access to a resource.
- Permission. Access type that is associated with securable. Permissions can be granted to or revoked from principals. For example, Update is a permission that is associated with a table (securable) named R. If Update on R is granted to a user (principal) named U, then U receives Update access on R.
Microsoft SQL Server also supports the following security principals at different levels:
Windows-level principals | Control access to SQL Server instances for Windows Local Login and Windows Network Domain Login. |
SQL Server-level principals | Control access to Microsoft SQL Server instances for SQL Server Login. |
Database-level principals | Control access to database instances for database users. |
To access a Microsoft SQL Server instance, use a Microsoft Windows user name or a Microsoft SQL Server user name that was previously created in that server instance. After you log on, the user name represents you as your security principal at the server level.
If you try to use a specific database in the server, Microsoft SQL Server searches the appropriate database for any previous user who has been mapped to your user name. If Microsoft SQL Server locates such a user, the corresponding user name represents you as your security principal at the server level.