April 24, 2025 at 8:06 pm
Wondering how others keep track of the purpose for SQL Logins? I'm not talking about Windows Logins since you can put notes in Active Directory.
We have different systems that use SQL logins and I have a hard time remembering what they are used for, such as just upgrades or regular use by the system.
I would like to use Extended Properties but it doesn't seem to exist for logins. It would be nice if there was a place for this within SQL Server and not have to remember to keep up a spreadsheet. Maybe make a table?
April 24, 2025 at 8:35 pm
I've had the same problem everywhere I've worked and no company has even tried. If it's just you making the accounts, just keep a spreadsheet or separate database on an admin box. We have so many people that can create accounts, we don't even try to keep track and I've personally never been at any company that was able to keep track.
April 24, 2025 at 9:45 pm
I use a table. (Longtime DBA, so that comes naturally to me.)
Basically, you need a table for the passwords, anyway, right? Of course the table's encrypted and in a restricted db.
SQL DBA,SQL Server MVP(07, 08, 09) "It's a dog-eat-dog world, and I'm wearing Milk-Bone underwear." "Norm", on "Cheers". Also from "Cheers", from "Carla": "You need to know 3 things about Tortelli men: Tortelli men draw women like flies; Tortelli men treat women like flies; Tortelli men's brains are in their flies".
April 25, 2025 at 12:19 pm
What's in a name ?
With sql accounts, anybody can use them ( provided the password is known ). And unless you build a strickt login trigger that refuses the connection unless other connection criteria are met, you have no control who/where/when and why an account is being used.
We monitor connections and register Application name, used login, connected database, client name, etc
On a regular basis, we remind our dev and software vendors to provide a meaningful application name with their connections.
As this also helps out in case issues have to be monitorred or debugged, we see most of them have a way to comply with this request.
Even this is not 100% accurate regarding the goal for an account, but it helps out very much.
Johan
Learn to play, play to learn !
Dont drive faster than your guardian angel can fly ...
but keeping both feet on the ground wont get you anywhere :w00t:
- How to post Performance Problems
- How to post data/code to get the best help[/url]
- How to prevent a sore throat after hours of presenting ppt
press F1 for solution, press shift+F1 for urgent solution 😀
Need a bit of Powershell? How about this
Who am I ? Sometimes this is me but most of the time this is me
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply