Microsoft has deprecated SQL Compact so I would like to replace this with SQL LocalDB on client machines.
When using "Integrated Security = True" the replacement works fine on the client machines but once I set "Integrated Security = False" then I get
Login failed for user 'TestUser'
I can't use integrated security on the clients.
They should not be able to access the database without knowing the username / password which has already been encrypted in their machine.config.
I created a login in VS like the following:
CREATE LOGIN TestUser WITH PASSWORD = 'asdfsdfasdf';
GO
CREATE USER TestUser FOR LOGIN TestUser WITH DEFAULT_SCHEMA = [dbo];
GO
exec sp_addrolemember 'db_owner', 'TestUser'
GO
The connection string is similar to this:
<add name=" ConnectionStringName"
connectionString="Data Source=(LocalDB)\v11.0;
AttachDbFilename=|DataDirectory|\TEST.mdf;
Integrated Security=False; User Id=TestUser;
Password=asdfsdfasdf"
providerName="System.Data.SqlClient" />
I have posted this a similar question on MSDN forums but I am not receiving good responses.
Also, it seems that there are similar questions on stackoverflow but no good responses.
LocalDB and Entity Framework 6 - Security
LocalDB connection with Integrated security=False
I have a feeling that I already know the answer in that LocalDB can't work on other computers with integrated security turned off because in theory it is using a local instance of SQL server in which the logins are stored in the master database and the clients master database would not match a login inside the LocalDB.
In my mind, that seems ludicrous that Microsoft would abandon security concerns in LocalDB by leaving integrated security turned on.
Anyone could find the database, copy it onto their computer, and then use SQL tools to read the database without even knowing a username / password.
According to the MSDN Documentation:
You have to use integrated security when you use LocalDB or the AttachDBFileName option.