Search
Home
Articles
Backup
Books
Certification
FAQ
Products
Replication
Scripts
Seminars
Training
TSQL
MSDN Fourms
Philippine SSUG
Fort Worth SSUG
Oklahoma City SSDG
Resume
MHS Enterprises
BlowFrog Software
FilAm Software
AcrylicAcetate.com
Bargain Humidors
Western Humidor

How do I configure multi-protocol net-lib to force encryption of packets in SQL Server?

To set up encryption for a specific user
  1. Create an account on the machine running SQL Server that matches the account (same username and password) on the client machine.
  2. Turn on encryption for the Multi-Protocol netlib. This can be done for a specific client or through the server for all clients. For more information, see "Configuring Clients" in the Microsoft SQL Server Administrator's Companion.

To set up encryption for all users

On the machine running SQL Server

  1. In the Administrative Tools program group, in the User Manager utility, from the User menu choose New User. The New User dialog box appears.
  2. In the dialog box, establish a user account with username as token1 and as password token2.
  3. Enable the multiprotocol encryption option by following instructions described in "Configuring Clients" in the Microsoft SQL Server Administrator's Companion.
  4. Start SQL Server.

On the machine running the client application

  1. In the Microsoft SQL Server 6.5 program group, double-click the SQL Client Configuration Utility. The SQL Server Client Configuration Utility dialog box appears.
  2. Click the Advanced tab.
  3. For the machine on which you set up the user account, specify a logical name in the Server box for SQL Server.
  4. In the DLL Name list box, select Multi-Protocol.
  5. In the Connection String box, type the following: ncacn_ip_tcp: servername, token1, token2 where servername Specifies the DNS name for the server machine. token1 Specifies the username of the user account on the server machine. token2 Specifies the password for the user account on the server machine.

The username and password will be used by the client to establish an encrypted connection to SQL Server. Note that this user account is a valid Windows NT account and must be subject to Standard Security. The user account established on the server machine is not a SQL Server
account. The client application must specify a valid SQL Server username and password to successfully connect to SQL Server. If the connection is unsuccessful because of an invalid username or password, the Multi-Protocol netlib will return error 5 (access denied).

You can also force using the Multi Protocol Net Lib from the client by putting a network=dbmsrpcn; in your connect string.

Michael R. Hotek

All content on this site, except where noted, represents an original work of Michael R. Hotek and is protected by applicable copyright laws. The SQL Server FAQ is the sole work of Neil Pike. No page, portion of a page, or download may be used for commercial purposes in whole or in part without the express, written permission of the applicable author.