Manually Connecting to the DBServer

There are two ways to set up a connection to the database server for your Citavi for DBServer users:

Please note:

The following example values are used in the example scenarios below:
Servername = SVR
Instance name = CitaviServer (optional, don't specify if using the standard instance)
Port = 1234 (optional, only specifiy if using a fixed TCP port)
Database = CitaviDB

Use Case Scenarios and Password Saving

Integrated Security

The client computer is in the same domain as the MS SQL Server. The connection to the database server is established with Integrated Security. In other words, the user's Windows Active Directory account is automatically used for logging on to the database server.

Using the example values above, the connection string would look like this:

Example: Integrated Security Connection String

Data Source=SVR\CitaviServer,1234;Initial Catalog=CitaviDB;Integrated Security=True

Security is guaranteed, since the Windows login information is sent to the database server. No password information is saved in Citavi when using Integrated Security.

SQL Server Logins

In this scenario, user accounts are saved as SQL Server logins on the MS SQL Server. Database server authentication occurs with a user ID and password. This information needs to be sent to the database server in the connection string. Using the example values above, the connection string for a user with the SQL Server login "SQLUser1" would look like this:

Example: SQL Server Login Connection String

Data Source=SVR\CitaviServer,1234;Initial Catalog=CitaviDB;User ID=SQLUser1;Password=******

The password is visible while being entered. After clicking OK the password will be hidden (as shown in the example above) the next time the dialog is opened.

By default, the password for an SQL Server login is encrypted and saved in the EngineSettings.cus file in the folder %appdata%\Swiss Academic Software\Citavi 6\Settings\. This lets the user open the Citavi DBServer project directly without having to enter a login and password each time. The encryption is connected to the current Windows account.

There are, however, scenarios in which multiple users are working with the same Windows account but different SQL Server logins. In this case, the password should not be saved.

Please note:

We discourage usage scenarios in which multiple users access the database server with the same SQL Server login, since this could result in the system administrator's security settings and policies being circumvented.

You can prevent passwords from being saved. Use the MSI Assistant which configures the necessary settings in the Windows Registry via the Citavi Setup.

Impersonation

In this scenario, database server authentication occurs via a Windows Active Directory account. However, the user is not in the same domain as the database server, so the login information isn't automatically sent to the database server as it would be when using Integrated Security. For this reason, additional information for the domain user and password needs to be present in the connection string.

When using impersonation, it's important to distinguish between two different usage scenarios:

Impersonation: the client computer is not part of any domain

The connection string for a user who wants to connect to the database server from a local computer with impersonation and using the Active Directory account "ADUser1" is as follows:

Example: Impersonation Connection String (client computer is not part of any domain)

Data Source=SVR\CitaviServer,1234;Initial Catalog=CitaviDB;Integrated Security=True;User ID=ADUser1;Password=******

Impersonation: the client computer is in a different domain than the database server's domain

As a prerequisite for this scenario, the domains need to have trust. In this case, the domain the user is logging in to (i.e., the domain in which the database server is running) needs to appear before the Active Directory account.

The connection string for a domain "Dom" would be as follows:

Example: Impersonation Connection String (client computer is not part of any domain)

Data Source=SVR\CitaviServer,1234;Initial Catalog=CitaviDB;Integrated Security=True;User ID=Dom\ADUser1;Password=******

Please note:

When using impersonation, the password is never saved in the settings. Each time the user attempts to connect to the database server or to open a Citavi DBServer Project, he or she will be prompted for the domain user name and password.