Establishing an Encrypted Connection

You can use the Multi-Protocol netlib to establish an encrypted connection with SQL Server for a specific user or for all users accessing SQL Server. The Multi-Protocol netlib will encrypt data sent to and received from SQL Server.

    To set up encryption for a specific user

1. Create an account on the machine running SQL Server that matches the account (same username and password) on the client machine.
2. Turn on encryption for the Multi-Protocol netlib. This can be done for a specific client or through the server for all clients. For more information, see "Configuring Clients" in the Microsoft SQL Server Administrator's Companion.

    To set up encryption for all users

• On the machine running SQL Server
  1. In the Administrative Tools program group, in the User Manager utility, from the User menu choose New User.

     The New User dialog box appears.

  2. In the dialog box, establish a user account with username as token1 and as password token2.
  3. Enable the multiprotocol encryption option by following instructions described in "Configuring Clients" in the Microsoft SQL Server Administrator's Companion.
  4. Start SQL Server.
• On the machine running the client application
  1. In the Microsoft SQL Server 6.5 program group, double-click the SQL Client Configuration Utility.

     The SQL Server Client Configuration Utility dialog box appears.

  2. Click the Advanced tab.
  3. For the machine on which you set up the user account, specify a logical name in the Server box for SQL Server.
  4. In the DLL Name list box, select Multi-Protocol.
  5. In the Connection String box, type the following:

     ncacn_ip_tcp: servername, token1, token2

     where

     servername

     Specifies the DNS name for the server machine.

     token1

     Specifies the username of the user account on the server machine.

     token2

     Specifies the password for the user account on the server machine.

  The username and password will be used by the client to establish an encrypted connection to SQL Server. Note that this user account is a valid Windows NT account and must be subject to Standard Security.

The user account established on the server machine is not a SQL Server account. The client application must specify a valid SQL Server username and password to successfully connect to SQL Server.

If the connection is unsuccessful because of an invalid username or password, the Multi-Protocol netlib will return error 5 (access denied).