The integrated login feature allows you to maintain a single user ID and password for both database connections and operating system and/or network logins. This section describes the integrated login feature.
Integrated login capabilities are available for the Windows server only. It is possible for clients on supported Windows platforms to use integrated logins to connect to a network server running on Windows.
An integrated login is a mapping from one or more Windows user profiles to an existing user in a database. A user who has successfully navigated the security for that user profile and logged in to their machine can connect to a database without providing an additional user ID or password.
To accomplish this, the database must be enabled to use integrated logins and a mapping must have been granted between the user profile used to log in to the machine and/or network, and a database user.
Using an integrated login is more convenient for the user and permits a single security system for database and network security. Its advantages include:
When connecting to a database using an integrated login, the user does not need to enter a user ID or password.
If you use an integrated login, the user authentication is done by the operating system, not the database: a single system is used for database security and machine or network security.
Multiple user profiles can be mapped to a single database user ID.
The name and password used to log in to the Windows machine do not have to match the database user ID and password.
WARNING! Integrated logins offer the convenience of a single security system but there are important security implications which database administrators should be familiar with.
For more information about security and integrated logins, see “Security concerns: unrestricted database access”.