SQL ORACLE (5/19/2008)
It has nothing wrong for a user to access SQL Server using a domain account if the server is not a production server. You can set permission to his/her account according to your security policy.Normally, a user can only be a member of application role in a production server.
In either case, a user shoiuld not have SA. Otherwise, our DBAs will lose our jobs.
:hehe:
Well, you are right, access to SA should be restricted and that is what I am trying to do, because the application structure was created a long time ago by an external company and there was no DBA involved at that time who would say - NO ACCESS TO SA. Nobody really bothered about the security measures.
As to the access to a test system, I tend to keep my test and production systems the same, so no SA access in a test system too. Otherwise the test system becomes a mess and it doesn't make sense to maintain two systems in order to know, what should be in the test system that should not be in the production system - unless it's a new funtionality. Not to mention testing new development environments 🙂
Cheers,
Richard