Great Article, good examples. I like a lot that it points out differences between 7/2000 and 2005.
As a comment, there was probably one typo:
"............In order to turn on policy checking and password expiration, additional options must be specified. Those additional options are:
I think you meant to say that in order to turn on policy checking and password expiration SOME of the additional options should be specified. Please, correct me if I am not right and ALL of the above options should be specified for pasword expiration check.
I actually have a question regarding a similar issue. I'm trying to migrate from SQL 2000 to SQL 2005. I need to migrate my windows Logins and SQL logins to SQL 2005 server. I wrote a script to get my SQL logins with their SID's over to SQL 2005 box. Can I also migrate their passwords???
Also, for Windows logins, if I'm trying to migrate them, do I need to care about their SID's? Thank you
If I disable a Windows login in SQL Server and I happen to have domain admin permissions, does this disable the login on the domain? I tried to disable a group of windows logins in sql and I got permission denied. I am not an admin in the domain which is why I imagine this happened.
This is scary functionality especially if the windows ids and groups are used beyond SQL.
It's really awesome article for the beginners in SQL Server 2005 security.