April 18, 2013 at 12:12 am
Hi
My policies just noticed that Public has the 4 default Connect permissions on endpoints. To get rid of them I would be using the beloe commands :
REVOKE VIEW ANY DATABASE FROM public;
REVOKE CONNECT ON ENDPOINT::[TSQL Local Machine] FROM public;
REVOKE CONNECT ON ENDPOINT::[TSQL Named Pipes] FROM public;
REVOKE CONNECT ON ENDPOINT::[TSQL Default TCP] FROM public;
REVOKE CONNECT ON ENDPOINT::[TSQL Default VIA] FROM public;
However, before I do that I need to provide connect permissions on All TCP ports to other logins so that they are not thrown out.
Here, I am facing issues while providing grant to the following logins :
--GRANT CONNECT ON ENDPOINT::[TSQL Default TCP] TO [##MS_SQLAuthenticatorCertificate##]
--GRANT CONNECT ON ENDPOINT::[TSQL Default TCP] TO [##MS_SQLReplicationSigningCertificate##]
--GRANT CONNECT ON ENDPOINT::[TSQL Default TCP] TO [##MS_SQLResourceSigningCertificate##]
Error for them says :
Cannot find the login '##MS_SQLAuthenticatorCertificate##', because it does not exist or you do not have permission.
My questions here are :
1. If I am unable to grant connect to these logins, will it have adverse affects on some operations?
2. Any other impact that is usually reported after the Public has been revoked the default access?
will someone please assist me with the clarifications ?
Thanks in Advance..
Viewing 0 posts
You must be logged in to reply to this topic. Login to reply