When you configure an ODBC data source in Windows, you can choose one of three levels of security:

• Standard — Requires that a client pass a user ID and password that the MS SQL Server database validates against the list of users in the syslogins table. The request typically comes from a nontrusted connection, such as through TCP/IP. The OpenEdge client or WebSpeed agent passes this information with the User ID (-U) and Password (-P) connection parameters.
• Integrated — Relies on the Windows operating system to validate user information. The MS SQL Server database accepts user information from the process that requests a connection. The request must come from a trusted connection, such as one using Named Pipes. The MS SQL Server database performs no additional validation.
• Mixed — Accepts requests from trusted or nontrusted connections:
  • If the connection is trusted and the client provides no user ID, a user ID that consists entirely of spaces, or a user ID that matches the user that started the process, the MS SQL Server database accepts the connection.
  • If the connection is nontrusted, the OpenEdge client must provide the user ID and password.

Progress Software Corporation recommends the following guidelines for working with a MS SQL Server database and Windows security:

• Configure a MS SQL Server database to use standard or mixed security if you are using remote OpenEdge clients.
• If you are using mixed security, always have the clients specify the -U and -P connection parameters.