Show TOC

Setting AuthenticationLocate this document in the navigation structure

Use

With MS SQL Server you can set the type of authentication to be used to validate users that connect to the server. The following types of authentication are available for the SAP system:

  • Windows only authentication

    For ABAP systems we recommend you to set authentication to Windows only. This means that the SAP system and users who connect to the database must have Windows accounts and are validated on the basis of information stored by the operating system.

  • SQL Server and Windows authentication

    For Java or ABAP+Java systems you must set authentication to the mixed SQL Server and Windowsauthentication mode. This means that the Windows operating system or the SQL Server itself can perform the validation of users connecting to the database. If a user logs on with a Windows account, validation is based on information stored by the operating system. If a user logs on with an SQL Server login account, SQL Server checks the existence of the account and the correctness of the password.

    Caution

    Security Loophole

    When you set the mixed authentication mode anyone who knows the password of the SQL Server login SAP<SAPSID>DB or <sapsid> or sacan connect interactively to SQL Server. Remember to set a strong password for the saaccount.

Procedure

To check the authentication mode, proceed as follows:

  1. In the SQL Server Management Studio, right-click the server and choose Properties.

    The Server Properties dialog box opens.

  2. Choose the Security tab.
  3. For ABAP systems, select Windows Authentication Mode.
  4. For Java or ABAP+Java systems, select SQL Server and Windows Authentication Mode.