This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Remove From My Forums

SQL Server 2005 CAC/PKI Authentication

Question
0

Sign in to vote

Has anyone been told or heard if Microsoft has released any information regarding CAC authentication into the databases vs. windows authentication/system admin login using windows server?

The government is pushing out a requirement for users who access databases to be required to CAC authenticate into the databases. I haven't hear the deadline, but the standard has been put out. Our office is working on waivers, just in case, before the power curve.

Thanks,

J Ann

Monday, July 28, 2008 3:52 PM

Answers

0

Sign in to vote
Hi Ann,

Windows server supports smart card logon. If you use smart card logon and configure SQL server to use Windows authentication, it should provide high security. As for SQL server itself, I have not heard any information that SQL provides a separate CAC or PKI authentication way besides the existing Windows and SQL authentication. As this question is mainly related to SQL, I suggest that you pos to the following SQL Security forum so that this issue can be answered efficiently.

SQL Server Security

http://forums.microsoft.com/TechNet/ShowForum.aspx?ForumID=92&SiteID=17
Laura Zhang - MSFT
- Marked as answer by Laura ZhangMicrosoft employee Tuesday, August 5, 2008 1:13 AM
Wednesday, July 30, 2008 2:59 AM

All replies

0

Sign in to vote
Hi Ann,

Windows server supports smart card logon. If you use smart card logon and configure SQL server to use Windows authentication, it should provide high security. As for SQL server itself, I have not heard any information that SQL provides a separate CAC or PKI authentication way besides the existing Windows and SQL authentication. As this question is mainly related to SQL, I suggest that you pos to the following SQL Security forum so that this issue can be answered efficiently.

SQL Server Security

http://forums.microsoft.com/TechNet/ShowForum.aspx?ForumID=92&SiteID=17
Laura Zhang - MSFT
- Marked as answer by Laura ZhangMicrosoft employee Tuesday, August 5, 2008 1:13 AM
Wednesday, July 30, 2008 2:59 AM
0

Sign in to vote

Hi Ann,

I am just writing to confirm whether you are looking for CAC/PKI authentication directly to SQL. Does the following approach work for you, logging into Windows based on CAC/PKI, mapping it to a Windows account, and then authenticating to SQL server using standard Windows SSPI?

I have communicated with our SQL product team. They would like to know the potential business impact/opportunity on this function so that we can decide whether this feature should be included in next generation of SQL? Could you provide more details on the government regulation?

Thanks.
Laura Zhang - MSFT

Friday, August 1, 2008 3:21 AM