May 2, 2002 at 3:06 am
Havn`t been in this job long. All the SQL Servers here have the SA, no password, still on them! I was going to remove them, but it seems some outside application developers have coded applications which log onto the database using this account!! How stupid is that!! Even worse, they`ve hard coded the login and won`t let me have the source code!!!
STUPID!
Andy.
May 2, 2002 at 3:34 am
Hey Andy,
Not good at all. Unfortunately, I *was* in the same boat. However, the stupidity was down to me. I had no knowledge of SQL Server and approached it as a developer and used the sa login within DTS's and some code.
Was a real pain when I started looking at SQL Server as a DBA rather than a developer! Loads of work to change it all.
Personally, I'd really push like crazy to get the sa account removed from all code! I know that now and learnt the hard way!!
Fun times ahead for you!! Good luck!
Clive
Clive Strong
May 2, 2002 at 4:28 am
I agree with Clive. Go to management and explain the various impacts that having the SA account used and not having a password to protect from intrusion can have then work a schedule out that these will be changed giving the developers time to redistribute their apps.
If management does not agree with the correction, I would personally look for another job, make sure that you let them know that any unauthorized messing with the accounts can cause loss and/or damage to the databases. If your company relies on this they have to understand you cannot be held responsible for leaving the door open since you did not do this (but be more tactfull, I never was good with that).
"Don't roll your eyes at me. I will tape them in place." (Teacher on Boston Public)
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply