Manually Connecting to the DBServer
There are two ways to set up a connection to the database server for your Citavi for DBServer users:
- Creating a connection file with the Citavi DBServer Manager.
- Entering the connection information manually in Citavi under Tools > Configure DBServer. This procedure is described below.
The following example values are used in the example scenarios below:
Server name = SVR
Instance name = CitaviServer
Database = CitaviDB
Use Case Scenarios and Password Saving
The client computer is in the same domain as the MS SQL Server. The connection to the database server is established with Integrated Security. In other words, the user's Windows Active Directory account is automatically used for logging on to the database server.
Using the example values above, the connection string would look like this:
Security is guaranteed, since the Windows login information is sent to the database server. No password information is saved in Citavi when using Integrated Security.
SQL Server Logins
In this scenario, user accounts are saved as SQL Server logins on the MS SQL Server. Database server authentication occurs with a user ID and password. This information needs to be sent to the database server in the connection string. Using the example values above, the connection string for a user with the SQL Server login "SQLUser1" would look like this:
The password is visible while being entered. After clicking OK the password will be hidden (as shown in the example above) the next time the dialog is opened.
By default, the password for an SQL Server login is encrypted and saved in the EngineSettings.cus file in the folder Documents\Citavi 5\Settings\. This lets the user open the Citavi DBServer project directly without having to enter a login and password each time. The encryption is connected to the current Windows account.
There are, however, scenarios in which multiple users are working with the same Windows account but different SQL Server logins. In this case, the password should not be saved.
We discourage usage scenarios in which multiple users access the database server with the same SQL Server login, since this could result in the system administrator's security settings and policies being circumvented.
In Citavi 5.3 and later, an additional option can be used. The option Disable password saving in DBServer connection strings can be found by clicking Tools > Options > Folders > Administrative Settings Assistant > 3. Administrator settings > Export to AdminSettings.csd.
After enabling this option, the AdminSettings should be exported again and distributed in the folder \Citavi 5\bin. After that, users will be prompted to enter their login details every time the Citavi DBServer Project is opened.
In this scenario, database server authentication occurs via a Windows Active Directory account. However, the user is not in the same domain as the database server, so the login information isn't automatically sent to the database server as it would be when using Integrated Security. For this reason, additional information for the domain user and password needs to be present in the connection string.
When using impersonation, it's important to distinguish between two different usage scenarios:
Impersonation: the client computer is not part of any domain
The connection string for a user who wants to connect to the database server from a local computer with impersonation and using the Active Directory account "ADUser1" would be as follows:
Impersonation: the client computer is in a different domain than the database server's domain
The prerequisite for this scenario is that the network administrator has created trust between the two domains. In this case, the domain the user is logging in to needs to be named before the Active Directory Account (i.e. the domains in which the database server is running).
The following is an example connection string using the example domain "Dom":
When using impersonation, the password is never saved in the settings. Each time the user attempts to connect to the database server or to open a Citavi DBServer Project, he or she will be prompted for the domain user name and password.