SQL credentials: Do we need to use SA?

About to implement SambaPOS, but just realized I am using the SA account to access the database. This seems a little bit extreme to use an account that has the power to drop the entire database and make pretty much and changes you can think of.

Plus, these credentials are stored unencrypted in C:\ProgramData\SambaPOS

If I was to create a new SQL user, what would be a sensible set of rights I should assign to the SQL user to be able to fully use SambaPOS? (I understand that when create a DB for the first time, perhaps we would have to use the SA account, but after everything is up and running, is it possible move to a ‘safer’ SQL user?

You don’t need to use sa account, I think it is just suggested for convenience but you are correct, it’s not good security practice.

Just create a new login to SQL Server and give full rights to the SambaPOS database. Of course, if you want to create a new database from within SambaPOS, you will need to have sa login or at least rights on SQL server to create database, but that isn’t required for day to day use.

1 Like

Cheers @markjw

So do you think full dbowner privileges would be needed on the SambaPOS database, or could if be restricted even further?

It’s difficult to say. You could always try… :wink:

Is it the privileges or the raw storage of the sa user details your worried about?
You can use windows authentication and not specify details in samba itself.
Windows auth works just needs more setup with windows accounts all having to be identical.

A little bit of both. I like the idea of using Windows Authentication with an account I create with only privileges over the SambaPOS DB.

How do I specify Windows authentication in SambaPOS?

Wouldnlt an SQL forum be a better place to look that up :stuck_out_tongue:

I have never seen an SQL forum that presents the SQL connection details in a dialog box within SambaPOS… But if you know of one I’d appreciate a link :wink:

I have no idea if SambaPOS is doing anything to manipulate what we enter in that dialog box. Hence my question. Sorry if you took offence for some reason.

What dialoge box?

If you used windows authentication you do not put user details into samba for connection string…

Samba will have no control etc over windows auth and SQL privalages… this is what I was refering to when I said about an SQL forum.
You asked about users and privileges. These are nothing to do with Samba.

Almost certainly it can be restricted further. As a guess, you would need to specify CONNECT, SELECT, UPDATE and DELETE rights, but there may be a few other privileges required.

Leave the Connection String blank. At least, leave out the User Id and Password parameters. The connection will then be made using “Trusted” mode, which uses the Windows User Account to authenticate.

SambaPOS uses standard Connection String.syntax, the same as any other program that is connecting to a MS SQL DB Engine and DB. It is very common and you can likely find examples in languages like PHP, but suffice it to say they will all look the same.

There are other parameters that can be passed in the String, but SambaPOS likely ignores them and only uses the specific parameters that it needs. SambaPOS does nothing to “manipulate” the Connection String, but it will make assumptions about certain things if you don’t provide the detail. For example, if you omit the Database parameter, it will try to connect to a DB named SambaPOS5.

In a similar fashion, if you specify a DB name that does not exist, SambaPOS will create a DB of that name with standard default settings (basic configuration data like States, Rules, Ticket Type, Accounts, etc.)

2 Likes

Perfect, thanks @QMcKay

I have written a few web apps in the past but needed to specify Windows Authentication in the web.config file. Good to know I can just leave those two fields blank and it will default to Windows Authentication.

I’ll give it a try before I roll out SambaPOS

1 Like