SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


How do i Set Password Expiration days for a SQL Login


How do i Set Password Expiration days for a SQL Login

Author
Message
haichells
haichells
Mr or Mrs. 500
Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)

Group: General Forum Members
Points: 510 Visits: 468
Hi,

I am creating a Login in code while Installation. I have a requirement now that Login should have Password expiration policy. How do i set this? Please help.

Thanks

Chelladurai
Animal Magic
Animal Magic
Hall of Fame
Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)

Group: General Forum Members
Points: 3698 Visits: 13752
It is taken from the local security policy, which by default will be taken from the settings on the DC. You dont actually set these values within SQL.
haichells
haichells
Mr or Mrs. 500
Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)

Group: General Forum Members
Points: 510 Visits: 468
Hi,

Thanks for your response. Can you please tell me what is this DC....
Animal Magic
Animal Magic
Hall of Fame
Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)

Group: General Forum Members
Points: 3698 Visits: 13752
The domain controller (assuming you are running on a windows domain) - ask your network admin what the settings are.
haichells
haichells
Mr or Mrs. 500
Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)

Group: General Forum Members
Points: 510 Visits: 468
Hi,

I need to apply the Expiration policy for SQL Logins. Network domain anyway will maintain windows expiration policy i understand.

My query is can we define expiration days/intervals for Sql Logins.
Animal Magic
Animal Magic
Hall of Fame
Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)

Group: General Forum Members
Points: 3698 Visits: 13752
haichells (12/21/2007)
Hi,

I need to apply the Expiration policy for SQL Logins. Network domain anyway will maintain windows expiration policy i understand.

My query is can we define expiration days/intervals for Sql Logins.


Yes you can, but it still takes the settings from the security policy. You cant set anything in sql (as far as i know) that will change the expiration periods of sql logins.
MarkusB
MarkusB
SSChampion
SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)SSChampion (10K reputation)

Group: General Forum Members
Points: 10659 Visits: 4208
Animal Magic (12/21/2007)
It is taken from the local security policy, which by default will be taken from the settings on the DC. You dont actually set these values within SQL.

You're correct in saying it's defined in the local security policy. But you are wrong in saying that this policy is taken from the Domain Controller. SQL login are treated like local accounts and only the local policy applies to them. Domain policies can overrule local policies for Domain Users, but not for local accounts or SQL accounts.

Markus Bohse
Animal Magic
Animal Magic
Hall of Fame
Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)

Group: General Forum Members
Points: 3698 Visits: 13752
ps, search for password policy in BOL.
Animal Magic
Animal Magic
Hall of Fame
Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)Hall of Fame (3.7K reputation)

Group: General Forum Members
Points: 3698 Visits: 13752
MarkusB (12/21/2007)
Animal Magic (12/21/2007)
It is taken from the local security policy, which by default will be taken from the settings on the DC. You dont actually set these values within SQL.

You're correct in saying it's defined in the local security policy. But you are wrong in saying that this policy is taken from the Domain Controller. SQL login are treated like local accounts and only the local policy applies to them. Domain policies can overrule local policies for Domain Users, but not for local accounts or SQL accounts.


Thanks for clearing that up Markus, i didnt realise at first that we were talking about sql logins only.
haichells
haichells
Mr or Mrs. 500
Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)Mr or Mrs. 500 (510 reputation)

Group: General Forum Members
Points: 510 Visits: 468
Hi,

Thanks for all your response. Can you please let me know how to check the local security policy on sql server.
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search