We use Windows Authentication for connecting to our internal SQL Server instances (a mix of 2005 and 2008).
When I open SQL Server Management Studio and connect to a server it obviously connected me using my current domain credentials.
Is it possible to somehow override this and log on as an alternative domain user?
The aim is to check that users have been set up correctly and can access the DBs that I want them to.
I know I could login to a windows session as them, and do it that way, but that seems a tad tedious.
After doing some digging it appears that the only way to achieve this is via the runas command:
Or for a 64 Bit Environment, use the 32 bit Program Files Folder : runas /user:domain\user "C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe"
You won't be able to log in as them if you do this, but you will be able to validate their permissions within SQL Server. If you are using T-SQL, you can use the EXECUTE AS command to impersonate the user within SQL Server (use REVERT to switch back). For instance:
IIRC, if you map a drive to the server as the user you want to use, before doing anything else on the server, when you connect with integrated security the credentials that you have already established on that server will be used. I used to do this when I was working from a workstation that was not trusted by the domain that the servers were in. You still only get one set of credentials, this trick won't work for two different sets of credentials.
Also, the TSQL SETUSER command can be useful here. It lets you impersonate someone, sort of like su does on linux. The 2008 documentation says that this is deprecated, but I think that it still works.