My application connects to a SQL Server using windows authentication. I have a login in on the server which is a Active Directory group. If the user is in the Active Directory group then it logs you into the SQL server and gives you the correct permissions.
我的应用程序使用windows身份验证连接到一个SQL服务器。我在服务器上有一个登录,它是一个Active Directory组。如果用户处于活动目录组,那么它会将您记录到SQL服务器并给您正确的权限。
However this way is much slower than using SQL Server authentication, is there any way to increase the performance.
但是,这种方式比使用SQL Server身份验证要慢得多,有什么方法可以提高性能。
I did some tests for how long it takes to login into the server:
我做了一些测试来测试登录服务器需要多长时间:
- SQL Server Authentication - 0.068414 s
- SQL Server Authentication - 0.068414 s。
- Windows Authentication using AD - 0.182627 s
- 使用AD - 0.182627的Windows身份验证。
Thanks
谢谢
2 个解决方案
#1
0
I wouldn't be worried about this. All MS technologies for connecting to database have a database connection pool will be kept in the background so there won't be many opening and closing of connections.
我不会担心这个的。所有连接到数据库的MS技术都有一个数据库连接池,这样就不会有很多连接的打开和关闭。
0.18267s is most likely nothing compared to actual queries you run on the server.
与您在服务器上运行的实际查询相比,0.18267s是最可能的。
If you really want to look into this some more you can try following:
如果你真的想深入了解这个问题,你可以试试以下方法:
- make sure AD is not too busy
- 确保广告不是太忙。
- make sure there is good connectivity between SQL Server and AD (use Ping to verify)
- 确保SQL Server和AD之间有良好的连接(使用Ping验证)
- if possible give permissions to AD users vs AD group.
- 如果可能的话,给AD用户和AD组的权限。
#2
0
I was just going to add a comment, but it got long. Now its here.
我只是想加上一句评论,但时间太长了。现在在这里。
Anyhew. When you provide credentials to SQL Server directly it can perform its own authentication and return.
Anyhew。当您直接向SQL Server提供凭据时,它可以执行自己的身份验证并返回。
However, when you specify AD credentials SQL Server then has to do another round trip to the Domain Controller to confirm your credentials (although technically I think you are actually passing a token. Anyway).
但是,当您指定AD凭据SQL服务器时,则必须再次访问域控制器以确认您的凭据(尽管从技术上讲,我认为您实际上正在传递一个令牌)。无论如何)。
My 2c.
我的2摄氏度。
#1
0
I wouldn't be worried about this. All MS technologies for connecting to database have a database connection pool will be kept in the background so there won't be many opening and closing of connections.
我不会担心这个的。所有连接到数据库的MS技术都有一个数据库连接池,这样就不会有很多连接的打开和关闭。
0.18267s is most likely nothing compared to actual queries you run on the server.
与您在服务器上运行的实际查询相比,0.18267s是最可能的。
If you really want to look into this some more you can try following:
如果你真的想深入了解这个问题,你可以试试以下方法:
- make sure AD is not too busy
- 确保广告不是太忙。
- make sure there is good connectivity between SQL Server and AD (use Ping to verify)
- 确保SQL Server和AD之间有良好的连接(使用Ping验证)
- if possible give permissions to AD users vs AD group.
- 如果可能的话,给AD用户和AD组的权限。
#2
0
I was just going to add a comment, but it got long. Now its here.
我只是想加上一句评论,但时间太长了。现在在这里。
Anyhew. When you provide credentials to SQL Server directly it can perform its own authentication and return.
Anyhew。当您直接向SQL Server提供凭据时,它可以执行自己的身份验证并返回。
However, when you specify AD credentials SQL Server then has to do another round trip to the Domain Controller to confirm your credentials (although technically I think you are actually passing a token. Anyway).
但是,当您指定AD凭据SQL服务器时,则必须再次访问域控制器以确认您的凭据(尽管从技术上讲,我认为您实际上正在传递一个令牌)。无论如何)。
My 2c.
我的2摄氏度。