You configure authentication and auditing options with the Security page of the Server Properties dialog box. This page is shown in Figure 6-2.
SQL Server security is completely integrated with Windows domain security, allowing for authentication based on user and group memberships as well as standard SQL Server user accounts. To use combined authentication, select the SQL Server and Windows Authentication mode option button. Now users in Windows domains can access the server using a domain account, and other users can be logged on using a SQL Server logon ID.
Windows authentication is not available in SQL Server Express Edition running on Windows 95 or Windows 98.
To use domain authentication only, select the Windows Authentication Mode option button. Now only users with a domain account can access the server.
Auditing allows you to track user access to SQL Server. You can use auditing with both authentication modes as well as with trusted and untrusted connections.
When auditing is enabled, user logins are recorded in the Windows application log, the SQL Server error log, or both, depending on how you configure logging for SQL Server. The available auditing options include:
None. Disables auditing.
Failed Logins Only. Audits only failed login attempts (the default setting).
Successful Logins Only. Audits only successful login attempts.
Both Failed And Successful Logins. Audits both successful and failed login attempts.