如何在 SQL Server 中添加 Active Directory 用户组作为登录名
我有一个 .net 应用程序,它使用 Windows 身份验证连接到 SQL Server.
I have a .net application which is connecting to the SQL Server using windows authentication.
我们不能在应用程序中使用 SQL Server 身份验证.我们的项目有很多 Active Directory 用户.所以我们必须在SQL Server 中为每个Active Directory 用户创建单独的登录帐户,而不是为每个AD 用户创建单独的登录帐户,有没有办法在SQL Server 中使用Active Directory 用户组?
We cannot use SQL Server authentication in the application. We have lot of Active Directory users there for our project. So we have to create separate login account for each Active Directory users in SQL Server rather than creating separate login account for each AD users, is there any way to use the active directory user group in SQL Server?
推荐答案
在 SQL Server Management Studio 中,转到 Object Explorer >(你的服务器) >安全登录并右键单击New Login:
In SQL Server Management Studio, go to Object Explorer > (your server) > Security > Logins and right-click New Login:
然后在弹出的对话框中,选择您要查看的对象类型(Groups 默认禁用 - 检查它!)并选择您要查找的位置对象(例如使用 Entire Directory),然后找到您的 AD 组.
Then in the dialog box that pops up, pick the types of objects you want to see (Groups is disabled by default - check it!) and pick the location where you want to look for your objects (e.g. use Entire Directory) and then find your AD group.
您现在拥有一个常规的 SQL Server 登录名 - 就像您为单个 AD 用户创建一个登录名一样.授予新登录所需的数据库权限,然后您就可以开始了!
You now have a regular SQL Server Login - just like when you create one for a single AD user. Give that new login the permissions on the databases it needs, and off you go!
该 AD 组的任何成员现在都可以登录 SQL Server 并使用您的数据库.
Any member of that AD group can now login to SQL Server and use your database.
相关文章