Would it be a bad idea to develop a desktop application that directly accesses the SQL server?

Question

I want to install a desktop application (on many stations - about 10-20) should access the SQL Server directly, no Services, and no server-DALs.

The application will be installed on a local network on about 10 machines, while one of them is a server. When I will install the program I will set the connection string, and the applications will talk directly to the SQL server.

Is this a bad idea?

If yes, then how bad?

Answer 1

Also note that there are plenty of off-the-shelf DALs (NHibernate, Entity Framework) so you don't need to roll your own, and the work just as well in client server architectures.

Answer 2

If it's on your local network, go for it. If it's over the internet, I'd create a web service.

Answer 3

It is not necessarily a bad idea. If you won't need to scale then it's a valid approach.

What you are describing is often called a 2-tier client-server architecture.

You should probably encrypt the connection string in the config file (but this will only stop prying eyes, not someone intent on recovering your password). The other option is to use Windows authentication via a trusted connection, but you do lose the ability to connection pool, but that should not be an issue with 10 - 50 clients (ballpark).

Answer 4

Of course not.

What your describing is classic Client Server architecture, and around 50% of apps are still built this way, according to a survey I saw recently.

Bob.

Answer 5

I have built plenty apps like that. I would suggest you build a DAL that is in the app itself so that if you ever need to separate data access and presentation layers, you can do so easily (plus there are other benefits like standardization of code, single place to change things, etc).

I don't see an issue with it as long as you are consistent and follow best practices.