Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

Enabling Remote DAC Expand / Collapse
Author
Message
Posted Wednesday, January 02, 2013 4:07 AM
SSC Veteran

SSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC Veteran

Group: General Forum Members
Last Login: Wednesday, April 09, 2014 8:41 AM
Points: 207, Visits: 279
Hi

Seen lots of stuff about how to enable remote DAC, but I can't find anything regarding the implications of enabling.

Are there any security or resource implications?

SQL Server 2005, Enterprise Edition.

Thanks



Post #1401757
Posted Wednesday, January 02, 2013 5:35 AM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: Today @ 10:56 AM
Points: 5,951, Visits: 12,815
The fact that it allows a remote connection to the server may raise eyebrows in some organisations. You do have to connect as a member of the sysadmin role so it's not completely wide open.

-----------------------------------------------------------------------------------------------------------

"Ya can't make an omelette without breaking just a few eggs"
Post #1401794
Posted Wednesday, January 02, 2013 1:57 PM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: Today @ 9:25 AM
Points: 7,070, Visits: 12,523
Some scenarios where enabling remote DAC might be plausible:

- you are in a shop where the DBAs do not have Remote Desktop access to the server hosting SQL Server (rare in my experience, but the situation does exist)
- you do not install SSMS on the server and are not comfortable using sqlcmd.exe for troubleshooting so want to be able to connect to the DAC using SSMS from your own machine
- you are worried about a server being so busy that it cannot support a Remote Desktop session so you want to be able to connect to the DAC from anywhere

These restrictions on DAC still apply even when remote connections are enabled:

- you have to be in the sysadmin Fixed Server Role
- only one person can be connected to the DAC at a time regardless of whether it is a local or a remote connection

There are likely other scenarios you could come up with to help justify enabling remote connections to the DAC.

One reason not to enable remote DAC connections is that if someone connects and leave the connection open you could be out of luck when the server becomes otherwise unusable. You can kill the session using the DAC, but if you cannot initiate a session without using DAC in the first place that might be difficult. The same could be said of local DAC sessions if opened in a Remote Desktop session and that session were disconnected and left there indefinitely.

Personally I do not have a problem with allowing remote DAC connections but opinions may vary.


__________________________________________________________________________________________________
There are no special teachers of virtue, because virtue is taught by the whole community. --Plato

Believe you can and you're halfway there. --Theodore Roosevelt

Everything Should Be Made as Simple as Possible, But Not Simpler --Albert Einstein

The significant problems we face cannot be solved at the same level of thinking we were at when we created them. --Albert Einstein

1 apple is not exactly 1/8 of 8 apples. Because there are no absolutely identical apples. --Giordy
Post #1402072
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse