Beginner security questions

Thanks in advance for your patience with my beginner questions.
I have a SQL Server instance setup on my XP desktop (the 120 day Evaluation
Edition - V8.00.194). When I installed it I setup the instance with "Windows
Only" authentication.
I have myself and my wife with XP user accounts and also have a guest user a
ccount active. I created a database for practice, and would like allow eithe
r my wife's account or the guest account to login and access the one practic
e database, with select pri
viledge's only on tables. Ideally from these "user" XP accounts, I would lik
e to allow access to my practice database only through the Query Analyzer Wi
ndow. I don't want to allow these accounts to see other databases or system
tables. I don't want them t
o be able to stratup Enterprise Manager or any tool other than Query Analyze
r for the one database.
What are the steps I need to follow to create permissions? After I do these
steps, I want to log in through the guest account and see that my security s
etup works.
I have read the chapters in my textbook on security, but still don't really
get it. I guess I need a simpler example that I can practice for myself.
Your help in teaching a newbie is greatly appreciated.If your goal is to learn how security works by playing with it, the
quickest way is to enable mixed-mode authentication. Then you can
create SQL logins (which are unavailable in Windows Only mode) and
assign them permissions, which you can then test using the Query
Analyzer, which lets you open multiple connections based on different
logins. Once you've tested and debugged security using SQL logins to
mimic your eventual Windows logins, you can delete them and assign
Windows logins to the roles you've created and set your security mode
back to Windows only for production. Not sure which textbook you are
using, but this site has lots of useful resources:
[url]http://www.microsoft.com/sql/techinfo/administration/2000/security/default.asp[/ur
l]
--Mary
On Tue, 30 Mar 2004 12:56:10 -0800, "Jack Wachtler"
<jack_wachtler@.comcast.net> wrote:

>Thanks in advance for your patience with my beginner questions.
>I have a SQL Server instance setup on my XP desktop (the 120 day Evaluation
Edition - V8.00.194). When I installed it I setup the instance with "Window
s Only" authentication.
>I have myself and my wife with XP user accounts and also have a guest user account
active. I created a database for practice, and would like allow either my wife's acc
ount or the guest account to login and access the one practice database, with select
pr
iviledge's only on tables. Ideally from these "user" XP accounts, I would li
ke to allow access to my practice database only through the Query Analyzer W
indow. I don't want to allow these accounts to see other databases or system
tables. I don't want them
to be able to stratup Enterprise Manager or any tool other than Query Analyzer for the one
database.
>What are the steps I need to follow to create permissions? After I do these
steps, I want to log in through the guest account and see that my security
setup works.
>I have read the chapters in my textbook on security, but still don't really
get it. I guess I need a simpler example that I can practice for myself.
>Your help in teaching a newbie is greatly appreciated.|||Since you've installed with "Windows Only" you may have a few steps to take
before you can allow other users to access the database. Normally this
option works if the SQL Server is part of a domain, which I presume your
machines are not part of. You could try to create a user account on the SQL
Server that has the same name as the user your wife is using on her XP, with
the same password. This might work (I'm not sure).
An other option is to change the security to "Mixed mode", and create SQL
Server accounts. You may be able to change the licensing by way of the "SQL
Server 2000 Licensing" icon on the control panel. However the "Mixed mode"
option may be grayed out. In that case you could do one of two things:
1. Reinstall sql server in mixed mode (remember to back up your database
first)
OR
2. You could do this (cut from another posting found on Google):
Change the LoginMode value of the
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS
SQLServer\MSSQLServer registry key
(for default instance).
1 = Windows Only
2 = SQL Server and Windows
Sincerely
Svein Terje Gaup
"Jack Wachtler" <jack_wachtler@.comcast.net> wrote in message
news:01A128AE-2A11-4719-BB37-DC8B683D662A@.microsoft.com...
> Thanks in advance for your patience with my beginner questions.
> I have a SQL Server instance setup on my XP desktop (the 120 day
Evaluation Edition - V8.00.194). When I installed it I setup the instance
with "Windows Only" authentication.
> I have myself and my wife with XP user accounts and also have a guest user
account active. I created a database for practice, and would like allow
either my wife's account or the guest account to login and access the one
practice database, with select priviledge's only on tables. Ideally from
these "user" XP accounts, I would like to allow access to my practice
database only through the Query Analyzer Window. I don't want to allow these
accounts to see other databases or system tables. I don't want them to be
able to stratup Enterprise Manager or any tool other than Query Analyzer for
the one database.
> What are the steps I need to follow to create permissions? After I do
these steps, I want to log in through the guest account and see that my
security setup works.
> I have read the chapters in my textbook on security, but still don't
really get it. I guess I need a simpler example that I can practice for
myself.
> Your help in teaching a newbie is greatly appreciated.