Geoff A (11/4/2010)

---

K. Brian Kelley (11/4/2010)

---

Geoff A (10/28/2010)

---

this is actually a "domain" policy. the users that have SSMS installed on their local PC's should be "not allowed" to control system...

LutzM (11/4/2010)

---

Brian,

thank you very much for the info. Is there any way to set the scope a to a "group of procedures" (e.g. all beginninng with the same letters)? The...

I'm covering how to audit DB permissions at SQL Lunch (http://www.sqllunch.com). Presentation will be at 12:30 Eastern Time on Nov 4. (today). If you can't make that, it should be...

Where a SQL Server command does this is if you open up a new query window and execute SHUTDOWN,...

Geoff A (10/28/2010)

---

this is actually a "domain" policy. the users that have SSMS installed on their local PC's should be "not allowed" to control system services.

I am not a AD...

Short answer: Windows security groups which are logins.

You cannot disable a Windows group login since it represents multiple effective logins. You can DENY it, however. Typically we disable except in...

Yeah, it's not fun, but sometimes business requirements make you do this, right? I've worked with a vendor to expose a SQL Server some of our business folks use for...

Geoff A (11/3/2010)

---

Steve Jones - SSC Editor (11/3/2010)

---

I would create new roles, and double check what rights are granted them. Using db_reader/writer is a way to unintentionally allow access to...

WayneS (11/2/2010)

---

Just looking at the intro to that article, it looks like what I'm talking about.

I thing I'm interested in - I frequently end up giving a reporting user access...

It really depends for me. Likely my mother and father wouldn't have met. He's from Tennessee and met her in Okinawa during the Vietnam war when he was a Marine....

Hi Paul,

We don't use SQL Sentry's Event Manager, but we use the Performance Advisor, and they are integrated together (need a proper license to activate one side or the other...

I have the same issue (just discovered it today). There is a connect item out on it, with 5 users indicating they can repro (about to be 6, because I'm...

ken.trock (10/5/2010)

---

Brian, thanks a lot for these articles. So we bump the permissions of the guest account so that under the hood a connection can be made from calling DB...

Truthfully, this is determined by your auditor(s). You typically want to track:

- Who has access to the SQL Server

- What has access to the database being monitored for SOX compliance

-...

Yes, this is doable using cross database ownership chaining. If you've got ownership chaining down, this is an extension of that. Except instead of the owner being evaluated as a...