In a previous blog post on Detecting When a Login Has Implicit Access to a Database, I mentioned that having CONTROL SERVER rights means having implicit rights into the databases. Robert Davis posted a comment asking if there was a difference with respect to explicit permissions between being a member of the sysadmin fixed server role and having CONTROL SERVER rights.
2009-03-16
3,550 reads
Those who know me personally know that I grow my hair out to donate for kids. I have donated a couple of times to Locks of Love . This past Saturday I participated in a hair collection drive led by 11 year-old Sarah Brotman: Midlands girl gets a haircut...
2009-03-13
1,452 reads
Yesterday I blogged about how to figure out what database principals corresponded to what server principals . The key is to match up the SIDs between sys.server_principals and sys.database_principals. But I also stated there were 3 cases where the logins...
2009-03-05
2,928 reads
A question on the forum asked how to find all the database mappings for a particular login. If you're on SQL Server 2000 or below, the tables you want to use are syslogins in the master database and sysusers in each database.
2009-03-03
4,468 reads
This is a follow-on post to You Must Trust Someone. My point in that post was to establish that being able to and and actually trusting your account and server administrators is a necessity. I didn't go into the business aspect of that, but basically it boils down to having a good selection process for candidates, checking out their references, ...
2009-03-03
2,022 reads
After some recent talks with security folks and auditors, one of the things I have had a hard time getting across is that you must trust those folks responsible for account and server management when it comes to securing your data. Yes, you can put in...
2009-02-26
2,549 reads
This past weekend we were moving database files around because we added new LUNs to an existing production cluster. We went at the old tried and true way, we detached the databases, moved the files, and re-attached the databases. That seemed to work well...
2009-02-20
2,133 reads
I should have put this out earlier, before going to the SQL Server Innovators Guild , but I got too busy. Here are my current speaking / teaching engagements for the first half of the year:
2009-02-10
158 reads
Brian Kelley looks at auditing in this article about SQL Server 2008 and the enhancements made in this version. The new Audit Object allows you to more easily determine what is happening on your SQL Server instance.
2008-12-18
3,286 reads
Red Gate's SQL Response is advertised as a low-impact SQL Server monitoring application with an intuitive interface. Given the advertising, I signed up for the SQL Response Release Candidate and took a look. I was pleasantly surprised with what I found.
2008-10-08
4,716 reads
By Will Assaf
I recently reviewed, worked on, and added a similar example to the DATETIMEOFFSET Microsoft...
Database administrators (DBAs) are the backbone of data-driven organizations. If you're looking to break...
By Brian Kelley
Another security fundamentals topic is authentication versus authorization. For those who have a clear...
I have a SQL Server 2019 Enterprise Edition on CU 25. It has in-memory...
Experts, I am learning some skills so I can troubleshoot some performance-related issues. I...
What happens when I run this code:
SELECT p.ProductName , p.ProductCategory FROM dbo.Product AS p WITH (NOLOCK, TABLOCK);See possible answers