Subscribe to this blog
Briefcase
Print
One of the things I've started to work on are some scripts to quickly
be able to pull what a user's actual rights are within SQL Server. This
is a question often asked by auditors and it would be great to give
them a comprehensive answer. Just keying off the username isn't
typically sufficient. After all, a user could have membership through
groups, and access can be obscured because of roles, because of
database ownership, etc. When you consider the web that can be formed
with multiple roles, etc., it can be quite confusing to determine
exactly what a particular user can do.
I'll post more as I make progress in this regard.
K. Brian Kelley - Databases, Infrastructure, and Security
IT Security, MySQL, Perl, SQL Server, and Windows technologies.
Posted by Anonymous on 14 March 2006
First and foremost, I want to include membership...