Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

Spackle: Making sure you can connect to the DAC Expand / Collapse
Author
Message
Posted Wednesday, July 30, 2014 10:48 PM


Hall of Fame

Hall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of Fame

Group: General Forum Members
Last Login: Friday, March 27, 2015 2:23 PM
Points: 3,470, Visits: 1,869
Comments posted to this topic are about the item Spackle: Making sure you can connect to the DAC

Kenneth Fisher
I strive to live in a world where a chicken can cross the road without being questioned about its motives.
--------------------------------------------------------------------------------
For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/

Link to my Blog Post --> www.SQLStudies.com
Post #1598089
Posted Thursday, July 31, 2014 7:01 AM


SSC-Addicted

SSC-AddictedSSC-AddictedSSC-AddictedSSC-AddictedSSC-AddictedSSC-AddictedSSC-AddictedSSC-Addicted

Group: General Forum Members
Last Login: Yesterday @ 7:06 AM
Points: 486, Visits: 519
Would there be any security concerns with allowing remote admin connections? Seems like it would be ok as long as you have your sysadmin logins controlled appropriately.


Personal blog relating fishing to database administration:

https://davegugg.wordpress.com/
Post #1598242
Posted Thursday, July 31, 2014 7:33 AM


Hall of Fame

Hall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of Fame

Group: General Forum Members
Last Login: Friday, March 27, 2015 2:23 PM
Points: 3,470, Visits: 1,869
Really the DAC doesn't really add any security implications. Only sysadmins can connect and if you are a sysadmin you have complete control of the instance anyway. The only thing you can do in the DAC that you can't in a regular connection is view the system tables. This can give you a little bit of extra information (the password hash for a contained user for example) but nothing that is all that big a deal if you are a sysadmin already.

That being said, you still want to make sure your sysadmins are under control :)


Kenneth Fisher
I strive to live in a world where a chicken can cross the road without being questioned about its motives.
--------------------------------------------------------------------------------
For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/

Link to my Blog Post --> www.SQLStudies.com
Post #1598257
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse