Removing permissions

Resolving User Security Identifier (SID) Discrepancy in Read-Only Databases

Many experienced DBAs understand the issues with matching up users and logins in a restored database. But what do you do when the database is read only? New author Tychang Chen brings us a technique that can help.

Understanding SQL Server fixed database roles

I know there are fixed database roles that come with SQL Server. How do I best use them within my installations? What should I watch out for? In this tip we will cover each of the database roles and recommendations on when to and when not to use them.

Using a Certificate Signed Stored Procedure to Execute sp_send_dbmail

Learn how to create a certificate signed stored procedure to solve common permissions problems using sp_send_dbmail. MVP Jonathan Kehayias brings us a short tutorial that discusses your options and code to show you how to implement certificate security.

SQL Server Security Audit Report

If your company needs to go through a SOX (Sarbanes–Oxley) audit or any security audit, the DBA has to provide security information to them. If you have purchased third party tools to provide this information that is great. If you don't have third party tools and need to go through many servers to provide this information it can be a hassle and very time consuming. So I put together a script to generate a report that I could just review. The script generates a report of all elevated level accounts and any possible security holes.

Grant Execute Permissions to Stored Procedures using DDL Triggers

In your development environment if you have locked down permissions for developers, but still need them to execute stored procedures you will need to grant execute rights each time a new stored procedure is generated. In this tip I will show you a way of doing this automatically each time a new stored procedure is created without granting your developers additional permissions.

Role Membership

Options for hiding SQL Server code

I am aware of the WITH ENCRYPTION clause that is used to encrypt the code for objects like views, stored procedures and functions. It sort of fulfills my purpose and is easy to implement, but it does not cover all SQL Server objects. In this tip we look at another option to restrict users from viewing the definition/code of any SQL Server object.

SQL Server Security Audit (Part 1) - Server Level Audit

The first of this three part series on SQL Server Security Auditing focuses on the SQL Server itself and addressing any of its security vulnerabilities.

Breaking ownership chaining within a schema in SQL Server

I have several objects, all in the same schema. Because of this, ownership chaining is working, as described in this previous tip. However, I don't want ownership chaining to be on, but I need the objects to remain in the same schema. How can I do this?