setting connection string

I have been building my web application with visual studio and sql server express and now I'm in the process of deploying it on a server. I need to change the connection string

This is wha开发者_StackOverflowt I have:

<add name="MySiteDBConnectionString" 
     connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\MySiteDB.mdf;Integrated Security=True;User Instance=True"
    providerName="System.Data.SqlClient" />

This is what I need to replace it with:

<add name="LocalSqlServer"
     connectionString="Data Source=DBServerName;Integrated Security=false;Initial Catalog=DBName;User ID=DBLogin;Password=DBPassword"
     providerName="System.Data.SqlClient" />

The problem is that I don't know where or even if I set up a password for the database. What is integrated security? I'm using linq-to-sql, do I also need to make some changes in the dbml file?

Thanks for some suggestions.

If you are not using Intergrated Security you will need to set up a user and password on the database server itself. If you are using shared hosting it is possible this will be provided for you. You can then replace DBLogin and DBPassword with your credentials.

Intergrated security uses your windows login/password details to authenticate against the database.

With your linq to sql if you are not passing in a connection string yourself you will need to use the designer to change the connection to the new database (or just overwrite the one in your config file).

Integrated security means that it will use credentials that the web site (app pool) is running under to access the database. You'd need to have SQL server set up to allow this account access to read/write your tables in order for this to work. If your web site is set up to run under the anonymous network account, then it's unlikely that this would be the case. If your web site runs under a domain account, then it's possible that you would need to use integrated security.

If you're not using integrated security, then your DB admin will have set up a SQL login for your application. This is the id/password that you need to use in your connection string. It's possible that multiple accounts have been set up, an admin account, a read/write account, a read-only account, execute SP account (these describe the permissions assigned to the account, not necessarily their names). In that case choose the appropriate one -- it's almost certainly not the admin account unless your DBAs know nothing about security.

FYI, if you use the User ID=...;Password=... format, you can omit the Integrated Security=false as it will assume a SQL login account and password.

'Integrated Security' mode is what was formerly called 'Use Trusted Connection': it uses the credentials of the currently logged on Windows user (in this case, most likely the IUSR_xxx account the web application is running as, or sometimes the computer account) as its login credentials.