<a href="http://g.adspeed.net/ad.php?do=clk&zid=15220&wd=468&ht=60&pair=as" target="_blank"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=15220&wd=468&ht=60&pair=as" alt="i" width="468" height="60"/></a>
Log in
::
Register
::
Not logged in
Home
Tags
Articles
Editorials
Stairways
Forums
Scripts
Videos
Blogs
QotD
Books
Ask SSC
SQL Jobs
Training
Authors
About us
Contact us
Newsletters
Write for us
<a href="http://g.adspeed.net/ad.php?do=clk&zid=15491&wd=120&ht=300&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=15491&wd=120&ht=300&pair=as" alt="i" width="120" height="300"/></a>
Recent Posts
Recent Posts
Popular Topics
Popular Topics
Home
Search
Members
Calendar
Who's On
Home
»
SQL Server 2008
»
T-SQL (SS2K8)
»
Custom sp_who
18 posts, Page 2 of 2
««
1
2
Custom sp_who
Rate Topic
Display Mode
Topic Options
Author
Message
Eugene Elutin
Eugene Elutin
Posted Wednesday, March 20, 2013 3:35 AM
SSCrazy
Group: General Forum Members
Last Login: Today @ 11:22 AM
Points: 2,541,
Visits: 4,370
datwungai (3/19/2013)
What exactly are you afraid of?
It's a former DBA that hates me because unlike him, I take my job seriously and won't give him sa permissions. He thinks because he "used to be a DBA at this company" that he's still entitled to the luxuries of sa rights without the responsibility of keeping the servers up and operational. Clear as mud?
I do like your work ethic! Just as mater of interest, why just simply not kill him? There are different options available: poison, knife, gun, box of dynamite at the end. Exterminate!
On a serious note, if your users just an ordinary database/application users, your are absolutely right. Granting this permission is too generous for them. Saying that, they would hardly ever ask for this one anyway. However if your user is a developer and that is development or test environment , then this permission is very important as it allows to monitor server activity and performance. I can hardly see how access to server stats
effects "keeping the servers up and operational".
But again, if he rally hates you, just offer him cup of coffee or tea, then just add a bit of polonium 210 and your enemy will be destroyed!
_____________________________________________
"The only true wisdom is in knowing you know nothing"
"O skol'ko nam otkrytiy chudnyh prevnosit microsofta duh!"
(So many miracle inventions provided by MS to us...)
How to post your question to get the best and quick help
Post #1433086
Jason-299789
Jason-299789
Posted Wednesday, March 20, 2013 4:34 AM
SSC Eights!
Group: General Forum Members
Last Login: Today @ 1:30 AM
Points: 803,
Visits: 2,124
Eugene, very well put.
I personally would arrange a meeting with you, the developer involved, his boss and your boss, and ask him to state why he needs these rights.
Then put a case where you can offer him something like the View Database state on Dev boxes only and maybe UAT, but production is off limits.
If he keeps pushing the case for SA rights simply state that he would also then need to take part responsibility for those boxes where hes grated those rights such as working weekends as part of being on call, doing the mundane daily work.
I would also give him a specific login for this rather than grant his standard network account with SA rights.
You might then see him back down quite quickly.
I'd also set up server level auditing so that if/when he screws up you have him by the soft and dangly things, and you have the perfect ammunition to get his rights revoked or have him removed, and you get the got the added bonus of the fact he did it all by himself.
_________________________________________________________________________
SSC Guide to Posting and Best Practices
Post #1433122
datwungai
datwungai
Posted Friday, March 22, 2013 10:54 AM
Grasshopper
Group: General Forum Members
Last Login: Yesterday @ 3:58 PM
Points: 12,
Visits: 108
Thanks Vedran!
The certificate works like a charm!
dwg
Post #1434397
datwungai
datwungai
Posted Friday, March 22, 2013 10:56 AM
Grasshopper
Group: General Forum Members
Last Login: Yesterday @ 3:58 PM
Points: 12,
Visits: 108
Thanks Stuart, my sentiments exactly. It's not the presidency, if you forfiet your title here, it's gone for good!
Post #1434401
datwungai
datwungai
Posted Friday, March 22, 2013 11:08 AM
Grasshopper
Group: General Forum Members
Last Login: Yesterday @ 3:58 PM
Points: 12,
Visits: 108
Well said Jason.
I've had that meeting with our respective boss' - the underpinning is a political game that I can't win necessarily. However, I've played this game before and religiously document and audit where ever I can. With that, I've caught him off-guard and had him stammering in a room full of people who were ready to believe he needed the access, and he ultimately didn't get it. Small victory for me.
My whole MO is to keep it professional and act in good faith with regard to my duties as a DBA and it serves me well. I would have much rather partnered up with this guy because he's a very smart person and would've been a great asset, but his attitude killed it all when he felt he didn't need to treat me with respect because I didn't give him what he wants. And since he was a former DBA at this company, you'd think he'd be more understanding when it comes to the constraints IS has to work under (CM policies, etc.), but he chose the "Uncle Tom" route and burned just about every bridge he had in IS - now nobody wants to help this guy with anything.
What can you do when grown men behave like children? My philosiphy: "It's not my kid."
Post #1434414
datwungai
datwungai
Posted Friday, March 22, 2013 11:08 AM
Grasshopper
Group: General Forum Members
Last Login: Yesterday @ 3:58 PM
Points: 12,
Visits: 108
Thanks Eugene!
Post #1434415
Vedran Kesegic
Vedran Kesegic
Posted Saturday, March 23, 2013 3:35 AM
Old Hand
Group: General Forum Members
Last Login: Thursday, May 16, 2013 8:08 AM
Points: 342,
Visits: 1,072
datwungai (3/22/2013)
Thanks Vedran!
The certificate works like a charm!
dwg
I'm glad to help. I'll put the script and explanations on my blog.
_____________________________________________________
XDetails Addin
- for SQL Developers and DBA
blog.sqlxdetails.com
- Transaction log myths - debunked!
Post #1434584
Vedran Kesegic
Vedran Kesegic
Posted Saturday, March 23, 2013 8:12 PM
Old Hand
Group: General Forum Members
Last Login: Thursday, May 16, 2013 8:08 AM
Points: 342,
Visits: 1,072
Here it is, with a bit more explanations:
http://blog.sqlxdetails.com/procedure-with-execute-as-login/
_____________________________________________________
XDetails Addin
- for SQL Developers and DBA
blog.sqlxdetails.com
- Transaction log myths - debunked!
Post #1434652
« Prev Topic
|
Next Topic »
18 posts, Page 2 of 2
««
1
2
Permissions
You
cannot
post new topics.
You
cannot
post topic replies.
You
cannot
post new polls.
You
cannot
post replies to polls.
You
cannot
edit your own topics.
You
cannot
delete your own topics.
You
cannot
edit other topics.
You
cannot
delete other topics.
You
cannot
edit your own posts.
You
cannot
edit other posts.
You
cannot
delete your own posts.
You
cannot
delete other posts.
You
cannot
post events.
You
cannot
edit your own events.
You
cannot
edit other events.
You
cannot
delete your own events.
You
cannot
delete other events.
You
cannot
send private messages.
You
cannot
send emails.
You
may
read topics.
You
cannot
rate topics.
You
cannot
vote within polls.
You
cannot
upload attachments.
You
may
download attachments.
You
cannot
post HTML code.
You
cannot
edit HTML code.
You
cannot
post IFCode.
You
cannot
post JavaScript.
You
cannot
post EmotIcons.
You
cannot
post or upload images.
Copyright © 2002-2013 Simple Talk Publishing. All Rights Reserved.
Privacy Policy.
Terms of Use.
Report Abuse.
