Imagine a web application is on an active directory domain A, and the internal Intranet application is on domain B. There is a SQL server on domain A, and we can use Windows Authentication for the web app to authenticate against the SQL server. However, now the Intranet application being on a different domain must use SQL authentication and thus we have to set SQL server to SQL Server and Windows Authentication mixed mode instead of recommended Windows Authentication mode
What are the security concerns of this setting?
Aucun commentaire:
Enregistrer un commentaire