Monday, March 19, 2012

Microsoft best practices for implementing Windows authentication for SQL Server 2005

Microsoft recommends using Windows authentication instead of SQL Server authentication in SQL Server 2005 for improved security. What are the Microsoft best practices for implementing this? It will be helpful if someone also provides some links that talk about this.

The recommendation of using Windows authentication instead of SQL authentication is one of the best practices recommendations. One suggestion I have is to explicitly provision a Windows principal to make the connection faster than if it were made by virtue of group membership.

BOL for SQL Server 2005 contains information about the authentication modes in the topic named "Authentication Mode". See also "How to: Change Server Authentication Mode".

I'm also including some SQL Server 2000 links from MSDN that refer to Windows Authentication:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adminsql/ad_security_47u6.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/instsql/in_runsetup_6p9v.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/architec/8_ar_cs_79kj.asp

Finally, a search on the Internet for "Windows Authentication SQL Server" should provide you with additional links to discussions of Windows authentication.

Thanks
Laurentiu

Hi Laurentiu,

Thanks for the reply. Can you suggest what considerations should be kept in mind in case we want to go for connection pooling as well as Windows authentication simultaneously? How can we take advantage of both?

Thanks in advance.

Abhi

Once you've established a connection, the authentication method that you used becomes less relevant. It might matter, for example, if the connection will be used to access resources outside the server, because in some scenarios, you would be able to go out using the Windows credentials, but for work performed inside the server it will not matter what the authentication mode was.

Windows authentication is recommended because with it, the authentication is done by Windows and SQL Server would not need to verify login passwords. Once you have performed the authentication step and connected to the server, the way you authenticated becomes less important.

If the connections that you pool are made with Windows authentication, then you are taking advantage of both. Any other considerations would depend on the specific requirements of your application.

Thanks
Laurentiu
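
The two points made in the replies above (explicitly provisioning a Windows principal, and checking that connections really use Windows authentication), as an added T-SQL example that is not part of the original thread. The login `CONTOSO\app_svc`, the database `SalesDb` and the `db_datareader` grant are hypothetical and chosen only for illustration.

```sql
-- Added example. [CONTOSO\app_svc] and SalesDb are hypothetical names.

-- 1. Server authentication mode: 1 = Windows authentication only, 0 = mixed mode.
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;

-- 2. SQL Server authentication logins that still exist, with their password
--    policy settings. Candidates to disable or migrate to Windows principals.
SELECT name, is_disabled, is_policy_checked, is_expiration_checked
FROM sys.sql_logins
ORDER BY name;

-- 3. Provision the Windows principal explicitly instead of relying on a
--    Windows group login, then map it to a database user with a narrow role.
IF NOT EXISTS (SELECT 1 FROM sys.server_principals
               WHERE name = N'CONTOSO\app_svc')
    CREATE LOGIN [CONTOSO\app_svc] FROM WINDOWS
        WITH DEFAULT_DATABASE = [SalesDb];
GO

USE SalesDb;
GO

IF NOT EXISTS (SELECT 1 FROM sys.database_principals
               WHERE name = N'CONTOSO\app_svc')
    CREATE USER [CONTOSO\app_svc] FOR LOGIN [CONTOSO\app_svc];
GO

-- Assumption: read-only access is enough for this application account.
EXEC sp_addrolemember N'db_datareader', N'CONTOSO\app_svc';
GO

-- 4. How each current user session authenticated. auth_scheme is SQL for
--    SQL Server authentication, NTLM or KERBEROS for Windows authentication.
SELECT s.session_id, s.login_name, s.program_name, c.auth_scheme
FROM sys.dm_exec_sessions AS s
JOIN sys.dm_exec_connections AS c
    ON c.session_id = s.session_id
WHERE s.is_user_process = 1
ORDER BY c.auth_scheme, s.login_name;
```

On the client side, an ADO.NET connection string with `Integrated Security=SSPI` uses Windows authentication, and the pool is keyed by connection string and Windows identity, so a single service account shares one pool.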
