Change the default password, a large number of key information - finance, market, private - incredibly in the Internet, but not only because of the strict security architecture, but also left database and system default installation passwords because it is not responsible. If you don't want to be the above, you must change the user's default login password for RDBMS, Windows NT computers, and other resources.
Checking security at the entrance There are multiple methods and locations to perform security checks. However, a good way to use - is a safety check in the possible first entry point. This simplifies management, separating the application with the resource it uses, and improving its scalability by not making it in the future, thereby increasing its scalability.
The concept of setting security roles using roles is abstracting the application's security namespace from the network or domain namespace, and allows the code to respond to different application roles rather than a particular user. These roles can represent people group (administrators) or application groups (banking components). In the business logic code, the way can be declared (as setting permissions on the file), or the role is programmed.
A typical problem for selecting the correct security particle size damage scalability is that the identity particle size is too small. For example, do you need to register each particular end user in a database (as an example of security resources) or understand the specific role or function area to which this action is to be?
Don't log in to the integrated secure database, as mentioned in the "Select the right security granularity" section, the specified resource login is usually too much on the basis of each user. However, if this fine-tuning control is required, COM has a new feature that allows COM components to run as a user to simulate the user when accessing certain resources. This can simplify component login because you don't perform a virtual caller ID login.
Distribution "Active Directory" and application server features should avoid making the application server outside the host "Active Directory" machine. These machines are usually the main domain controller (DC) and there is a strong network resource competition between the hosts of these machines. In addition, the memory resources consumed by the domain controller may be very high, and the resources left to the application are very small.
Adjusting the Application Timeout Value COM Server Applications There is a timeout setting, and it can be arranged automatically turned off after the application idle specified time. Each COM server application is run as a different DLLHOST.EXE process on the machine. Each process is allocated some resources. In many cases, if the application is not designed as a library or component running in the server, the application process divides the private memory packets into debris or even leak memory.
Make sure that there is a good RPC connection between COM and SQL Server machines When different applications and database server machines are connected to the network, all transactions are "Distributed Transaction Coordinator (DTC) on two machines. "Service coordination. These DTC services require communication between "remote procedure calls (RPCs)" communications using facing-oriented protocols. The protocol may be NCACN_IP_TCP, NCACN_SPX or NCACN_NB_NB. They use the host name instead of the IP address to be referenced to each other, so it must be ensured that the name resolution can be done correctly.
Using Terminal Services as a remote management tool With Microsoft Terminal Services on Windows 2000, remote management can be easier. The terminal server can also be configured for this task so that terminal management does not affect the service quality of the server. Terminal services can also be used to control other user sessions, enabling joint management and help desktop solutions. Use TCP / IP instead of named pipe to connect to SQL Server
Note: This article comes from network finishing, non-original. If you violate your rights, please contact me, thank you.
