Viewing 15 posts - 3,091 through 3,105 (of 6,104 total)
OK, but from an auditing perspective there is an avoidable weakness...
I can understand shielding the customer from direct DB access. A lot of good reasons to do that, especially in...
K. Brian Kelley
@kbriankelley
March 24, 2005 at 11:45 pm
Talk to the guys here at SSC. They might be able to point you in the right direction.
K. Brian Kelley
@kbriankelley
March 24, 2005 at 8:08 pm
Anything that references file paths (potentially DTS packages), may be impacted. But this is not a new concern if you are moving from one server environment to another.
From within SQL...
K. Brian Kelley
@kbriankelley
March 24, 2005 at 4:45 pm
Being a member of db_ddladmin doesn't auto-create objects as dbo. Being a member of db_ddladmin will still create object as your user unless you're aliased as dbo... which you are...
K. Brian Kelley
@kbriankelley
March 24, 2005 at 3:04 pm
We build from images all the time.
Can you provide a bit more details? Operating system, service pack? Also, version of SQL Server and service pack?
K. Brian Kelley
@kbriankelley
March 24, 2005 at 10:34 am
Another mechanism is to use log exploring software like what Lumigent or ApexSQL sells. There's also Entegra from Lumigent.
K. Brian Kelley
@kbriankelley
March 24, 2005 at 10:12 am
In 3rd party cases, I'd tend to agree with you, only because you're not left with my choice in order to be supported. But in a homegrown app...
K. Brian Kelley
@kbriankelley
March 24, 2005 at 8:17 am
This tells you files, registry keys, etc. to clean out:
How to manually remove SQL Server 2000 default, named, or virtual instance (290991)
K. Brian Kelley
@kbriankelley
March 24, 2005 at 7:21 am
Version Database:
Versions List at SQLSecurity.com
Fixes can be downloaded from Microsoft's site. For security hotfixes, go to:
http://www.microsoft.com/technet/security/default.mspx
For other hotfixes, you can determine if...
K. Brian Kelley
@kbriankelley
March 23, 2005 at 1:23 pm
What is the actual alert message?
K. Brian Kelley
@kbriankelley
March 23, 2005 at 10:40 am
Generally speaking, you want to minimize the number of accounts that have login rights. You also, however, want each user to login using a login only they have access to,...
K. Brian Kelley
@kbriankelley
March 22, 2005 at 9:34 pm
True. The "for optimum performance, do not use more than 4,000 characters" for EXEC doesn't apply in this case because you're only building the stored procedure once. Good point.
K. Brian Kelley
@kbriankelley
March 22, 2005 at 7:07 pm
There are two issues here, though.
One, with a login per database (as the owner) there is an extra account per database. Since that account is owner of the database,...
K. Brian Kelley
@kbriankelley
March 22, 2005 at 2:46 pm
Viewing 15 posts - 3,091 through 3,105 (of 6,104 total)