May 10, 2013 at 1:18 pm
i want to track all the fixed roles changes in sql server how do i go about doing that
for example if i have users and privileges
user fixed server roles
john db_owner
doe bulkadmin
if user user permission john is changed to bulk admin i want an alert how do i go about doing this in sql server
May 10, 2013 at 1:51 pm
A Database DDL Trigger for the events ADD_ROLE_MEMBER or DROP_ROLE_MEMBER might give you the oversight you want. Note that a member of db_owner or sysadmin can always circumvent the triggers by disabling and enabling them or dropping and re-adding them before and after they make changes.
Another option that could go hand-in-hand with a DDL Trigger or be a stand-alone solution is to take snapshots of the role members periodically and compare it to the last snapshot to see if anything has changed. This will not tell you who made the change though, just that a change was made.
There are no special teachers of virtue, because virtue is taught by the whole community.
--Plato
May 10, 2013 at 3:00 pm
thank you i solved this using ddl trigger 😀
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply