June 21, 2017 at 4:59 am
Can you disable the sa account if it used as a local login for Linked Server?
June 21, 2017 at 5:07 am
Yes we can disable it. If the connection is there it will work untill it attempt for retry.
New connections won't be able to connect.
Thank You.
Regards,
Raghavender Chavva
June 21, 2017 at 5:11 am
Would i be best to just update the local login to another account?
Will the retries work? Is it just new connections that would be affected?
June 21, 2017 at 5:26 am
Yeah, don't use SA login. Most of the cases SA has to be with DBAs, should not be used for other purpose until there is no alternate.
Retry also affects the connection. SQL Server wont accept the connection as SA is disabled.
Thank You.
Regards,
Raghavender Chavva
June 21, 2017 at 5:52 am
juniorDBA13 - Wednesday, June 21, 2017 5:11 AMWould i be best to just update the local login to another account?
Yes!
The sa account should never be used for a linked server, it's a massive security risk. Consider that all a user needs to be able to access a linked server is CONNECT permission, essentially to be able to log in. So anyone then can use the linked server and run stuff with sysadmin permissions in a way that can't be traced.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply