Installing SQL Server Express Edition

Unlike MSDE, which does not support any form of a GUI Setup utility, SQL Server Express permits both command-line setup as well as a GUI version. This version of setup is familiar to developers who use the Standard Edition version or greater. However, early in the process, the SQL Server Express GUI Setup program exposes the dialog (as shown in Figure 1) that asks if the user wants to set the Advanced Configuration options. By default, Setup configures the SQL Server Express instance being installed to use Integrated Security and disable all access to the TCP ports and external protocols. This means you won't be able to access the SQL Server Express instance from other systems, or by using SQL Server credentials, unless you change the advanced configuration options



Figure 1. Capturing registration information for the SQL Server Express GUI Setup utility

Choosing the security mode
The SQL Server Express Setup utility permits you to set the type of security used by the server in the Authentication Mode dialog (as shown in Figure 2). As I discuss later, the default mode is Windows Authentication, which validates user credentials against the Domain Active Directory database. It's a good idea to leave the default until you understand the security implications of switching to SQL Server Mixed Mode security. For example, mixed mode (SQL Server) security forces developers to figure out ways to hide the SQL Server credentials used by their application to prevent their use by unscrupulous hackers. Even then, it's still a good idea to stick with the default setting unless your design makes this configuration impossible.

Interesting Aside Where do hackers come from? At a Diligence Information Security conference in London, one study found that most "hackers" (those trying to gain unauthorized access to protected data) were from individuals within the corporate firewall—and most (by far) were on the company payroll.
Regardless of the type of security you choose, the Setup utility demands that you provide an SA password. While it says that you'll need to provide a "strong" password, this is really a function of the Domain Password strength settings. I encourage you to use a well-formed strong password, but it's not that important if you stick with Windows Authentication Mode. The utility won't let you leave it blank.



Figure 2. Setting the Authentication mode used by the SQL Server Express instance

Installing the SQL Server Computer Manager extension
The one and only tool that is installed with SQL Server Express is the SQL Server Computer Manager MMC snap-in. This tool can be used to manage the SQL Server services and enable SQL Server to be seen on the network. To install this component, select it while installing your SQL Server Express instance using the Features Selection dialog (as shown in Figure 3).




Once your SQL Server Express instance is installed, the SQL Server Computer Manager can enable the TCP ports or appropriate network protocols by navigating to the "Protocols for SQLEXPRESS" node, right-clicking and then choosing Enable, as shown in Figure 4. In this case, I enabled the Named Pipes (Np) protocol. You'll also have to start the SQL Browser service to provide server name resolution.

Note Remember, the "Slammer" worm exploited the fact that most SQL servers are exposed on UDP port 1434. This means SQL Server Express won't be prey to this type of attack unless you enable the SQL Browser service.



source : http://msdn2.microsoft.com/en-us/sqlserver/aa336270.aspx

--------------------------------------------


Related :

TransferringFiles
UsingCrystalReports6
VerifyUserEmailAddressPHP-1
VerifyUserEmailAddressPHP-2
viewinformationvb2005
WatermarkImagesFlyPHP-1
WatermarkImagesFlyPHP-2
WhatAretheIssues
What-isMySQL
WhatSQLServerExpress
writefileinvb2005
WritingFileDialogBox