Restricting SecurityAdmin on SQL Server 2005/2008

Members of the securityadmin role can escalate to sysadmin rights. Here's how to restrict them back to 2000 levels.

Windows Group Membership Checker

A script to reveal which logins have access to your sql server via windows groups.

Security Auditing Matching Up Logins And Users

I have been tasked with auditing security on my SQL Server. However, this needs to be a somewhat automated process as I don't want to have to rely on taking screenshots every month to satisfy our auditors. What tables and/or views should I be using and what's the best way to extract the information out of them?

Configuring Kerberos Authentication for Microsoft SharePoint 2010 Products

This document provides you with information that will help you understand the concepts of identity in SharePoint 2010 products, how Kerberos authentication plays a critical role in authentication and delegation scenarios, and the situations where Kerberos authentication should be leveraged or may be required in solution designs. The document also shows you how to configure Kerberos authentication end-to-end within your environment, including scenarios which use various service applications in SharePoint Server. Additional tools and resources are described to help you test and validate Kerberos configuration. The "Step-by-Step Configuration" sections of this document cover several SharePoint Server 2010 scenarios.

Configure Windows Firewall for SQL Server 2008 Analysis Services in Windows Server 2008 R2

As I am new to Windows Server 2008 R2 it would be great if you can let me know the step by step approach to enable the default port of SQL Server 2008 Analysis Services in Windows Firewall for user connectivity.

Security

Row Oriented Security Using Triggers

Handling security in an application can be a bit cumbersome. R Glen Cooper brings us a database design technique from the real world that can help you.

Encryption

Database Activity Monitoring Part 2 - SQL Injection Attacks

If you think through the web sites you visit on a daily basis the chances are that you will need to login to verify who you are. In most cases your username would be stored in a relational database along with all the other registered users on that web site. Hopefully your password will be encrypted and not stored in plain text.

Using a Parent Child Hierarchy in SQL Server to Implement a Custom Security Scheme

I have a requirement to implement a custom security scheme where roles and the user's place in the organization hierarchy are used to determine which customers a user can access. In particular the requirements are that a sales person can only access their customers and any other role can access any customer in their level of the organization hierarchy and below. We have a simple hierarchy that is made up of regions and offices. Can you provide us with an example of how to do this?