Enabling Remote DAC

SQLServerCentral is supported by Red Gate Software Ltd.

Popular Topics

Home

Members

Calendar

Who's On

Home » SQL Server 2005 » Administering » Enabling Remote DAC

Enabling Remote DAC

Rate Topic

Display Mode

Topic Options

Author

Message

Green Armchair

Posted Wednesday, January 02, 2013 4:07 AM

SSC Veteran

Group: General Forum Members
Last Login: Monday, May 20, 2013 9:16 AM
Points: 206, Visits: 226

Hi

Seen lots of stuff about how to enable remote DAC, but I can't find anything regarding the implications of enabling.

Are there any security or resource implications?

SQL Server 2005, Enterprise Edition.

Thanks

Post #1401757

Perry Whittle

Posted Wednesday, January 02, 2013 5:35 AM

SSCertifiable

Group: General Forum Members
Last Login: Yesterday @ 5:53 AM
Points: 5,204, Visits: 11,158

The fact that it allows a remote connection to the server may raise eyebrows in some organisations. You do have to connect as a member of the sysadmin role so it's not completely wide open.

-----------------------------------------------------------------------------------------------------------

"Ya can't make an omelette without breaking just a few eggs" Wink

Post #1401794

opc.three

Posted Wednesday, January 02, 2013 1:57 PM

SSCertifiable

Group: General Forum Members
Last Login: Today @ 7:36 AM
Points: 6,730, Visits: 11,778

Some scenarios where enabling remote DAC might be plausible:

- you are in a shop where the DBAs do not have Remote Desktop access to the server hosting SQL Server (rare in my experience, but the situation does exist)
- you do not install SSMS on the server and are not comfortable using sqlcmd.exe for troubleshooting so want to be able to connect to the DAC using SSMS from your own machine
- you are worried about a server being so busy that it cannot support a Remote Desktop session so you want to be able to connect to the DAC from anywhere

These restrictions on DAC still apply even when remote connections are enabled:

- you have to be in the sysadmin Fixed Server Role
- only one person can be connected to the DAC at a time regardless of whether it is a local or a remote connection

There are likely other scenarios you could come up with to help justify enabling remote connections to the DAC.

One reason not to enable remote DAC connections is that if someone connects and leave the connection open you could be out of luck when the server becomes otherwise unusable. You can kill the session using the DAC, but if you cannot initiate a session without using DAC in the first place that might be difficult. The same could be said of local DAC sessions if opened in a Remote Desktop session and that session were disconnected and left there indefinitely.

Personally I do not have a problem with allowing remote DAC connections but opinions may vary.

__________________________________________________________________________________________________
There are no special teachers of virtue, because virtue is taught by the whole community. --Plato

Believe you can and you're halfway there. --Theodore Roosevelt

Everything Should Be Made as Simple as Possible, But Not Simpler --Albert Einstein

The significant problems we face cannot be solved at the same level of thinking we were at when we created them. --Albert Einstein

1 apple is not exactly 1/8 of 8 apples. Because there are no absolutely identical apples. --Giordy

Post #1402072

« Prev Topic | Next Topic »

Permissions