Viewing 15 posts - 166 through 180 (of 6,105 total)
If it's a cluster and you're connecting from a cluster node, only expect NTLM.
Otherwise, make sure that your clients are connecting to SQL Server based on the name you specified...
November 16, 2011 at 8:35 am
Ah, also, you're querying the wrong info. You want to do a -L against the service account. The SPN will belong under the service account.
November 16, 2011 at 8:23 am
It does potentially take time. It gets written to one DC and then must be replicated. If the DC you wrote to and the DC you query aren't the same,...
November 16, 2011 at 8:22 am
I would keep the service account(s) and the DBAs separate. SQL Server, if you use SQL Server Configuration Manager to manage the service accounts (the only supported way, BTW), will...
November 15, 2011 at 7:43 pm
I would cease and desist with sp_helprotect if you're managing anything beyond SQL Server 2000.
You're wanting to look at the following catalog views and tie them together appropriately:
- sys.database_permissions
- sys.database_principals
-...
November 11, 2011 at 4:31 pm
mstjean (11/10/2011)
FIRST QUESTION: is this the "last word" on minimizing Domain Admin permissions? If not, should I be looking at something else?
My environment: We're running SQL2005 EE, several of which...
November 11, 2011 at 4:25 pm
If you want to cover them all and you have SQL Server 2005 and higher as your SQL Server version, then GRANT EXECUTE against the appropriate schema (usually dbo). For...
November 2, 2011 at 9:05 am
Your best bet is going to be a server side trace. You can use Profiler to build the trace. It's the only way to capture what all is being done....
November 2, 2011 at 8:22 am
Sean, that query is 2005 and above. 🙂
For 2000:
SELECT [name]
FROM syslogins
WHERE denylogin = 1
OR hasaccess = 0;
As for your second question, SQL Server doesn't track last...
September 30, 2011 at 2:05 pm
Yes, but it requires one of the following:
- All users have the ability to CREATE SYMMETRIC KEY in the database.
- You create a stored procedure with an EXECUTE AS clause...
September 21, 2011 at 10:59 am
A lot of reasons could cause this. Are you seeing anything in the security event log at the OS level? Do you know what kind of group it is (domain...
September 21, 2011 at 10:55 am
It probably means the database was created as that windows user. Check the owner of the database.
June 17, 2011 at 1:14 pm
I'm talking about ALTER on the db_datareader and db_datawriter schemas. There shouldn't be anything in them. Therefore, that set of permissions is unnecessary. I understand the general ALTER. However, realize...
June 17, 2011 at 8:06 am
1. Granting the ALTER to the schemas in question doesn't do anything. You really shouldn't change that.
2. Nothing in these permissions grants CREATE. Likely there are other permissions at play....
June 16, 2011 at 1:40 pm
These are services. As a result, any account with the permission to stop and start services can stop and start these. That requires either Power User or Administrator group membership...
June 15, 2011 at 1:22 pm
Viewing 15 posts - 166 through 180 (of 6,105 total)