Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


How do i Set Password Expiration days for a SQL Login


How do i Set Password Expiration days for a SQL Login

Author
Message
haichells
haichells
SSC-Enthusiastic
SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)

Group: General Forum Members
Points: 104 Visits: 460
Hi,

I am creating a Login in code while Installation. I have a requirement now that Login should have Password expiration policy. How do i set this? Please help.

Thanks

Chelladurai
Animal Magic
Animal Magic
Ten Centuries
Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)

Group: General Forum Members
Points: 1064 Visits: 13728
It is taken from the local security policy, which by default will be taken from the settings on the DC. You dont actually set these values within SQL.
haichells
haichells
SSC-Enthusiastic
SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)

Group: General Forum Members
Points: 104 Visits: 460
Hi,

Thanks for your response. Can you please tell me what is this DC....
Animal Magic
Animal Magic
Ten Centuries
Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)

Group: General Forum Members
Points: 1064 Visits: 13728
The domain controller (assuming you are running on a windows domain) - ask your network admin what the settings are.
haichells
haichells
SSC-Enthusiastic
SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)

Group: General Forum Members
Points: 104 Visits: 460
Hi,

I need to apply the Expiration policy for SQL Logins. Network domain anyway will maintain windows expiration policy i understand.

My query is can we define expiration days/intervals for Sql Logins.
Animal Magic
Animal Magic
Ten Centuries
Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)

Group: General Forum Members
Points: 1064 Visits: 13728
haichells (12/21/2007)
Hi,

I need to apply the Expiration policy for SQL Logins. Network domain anyway will maintain windows expiration policy i understand.

My query is can we define expiration days/intervals for Sql Logins.


Yes you can, but it still takes the settings from the security policy. You cant set anything in sql (as far as i know) that will change the expiration periods of sql logins.
MarkusB
MarkusB
SSCarpal Tunnel
SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)

Group: General Forum Members
Points: 4457 Visits: 4208
Animal Magic (12/21/2007)
It is taken from the local security policy, which by default will be taken from the settings on the DC. You dont actually set these values within SQL.

You're correct in saying it's defined in the local security policy. But you are wrong in saying that this policy is taken from the Domain Controller. SQL login are treated like local accounts and only the local policy applies to them. Domain policies can overrule local policies for Domain Users, but not for local accounts or SQL accounts.

Markus Bohse
Animal Magic
Animal Magic
Ten Centuries
Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)

Group: General Forum Members
Points: 1064 Visits: 13728
ps, search for password policy in BOL.
Animal Magic
Animal Magic
Ten Centuries
Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)

Group: General Forum Members
Points: 1064 Visits: 13728
MarkusB (12/21/2007)
Animal Magic (12/21/2007)
It is taken from the local security policy, which by default will be taken from the settings on the DC. You dont actually set these values within SQL.

You're correct in saying it's defined in the local security policy. But you are wrong in saying that this policy is taken from the Domain Controller. SQL login are treated like local accounts and only the local policy applies to them. Domain policies can overrule local policies for Domain Users, but not for local accounts or SQL accounts.


Thanks for clearing that up Markus, i didnt realise at first that we were talking about sql logins only.
haichells
haichells
SSC-Enthusiastic
SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)SSC-Enthusiastic (104 reputation)

Group: General Forum Members
Points: 104 Visits: 460
Hi,

Thanks for all your response. Can you please let me know how to check the local security policy on sql server.
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search