|
More site info...
|
|
Forum profile page for Security on http://www.sqlmonster.com.
This report page is the aggregated overview from a single forum: Security, located on the Message Board at http://www.sqlmonster.com.
This forum profile page summarizes the general forum statistics such as: Users Activity, Forum Activity, and Top Authors, which are reported in either a table or graph below for a given reporting time period.
Additional forum profile information for "Security" on the Message Board at http://www.sqlmonster.com is also shown in the following ways:
1) Latest Active Threads
2) Hot Threads for Last Week
Warning: These statistics are generated using 'best efforts' and can experience delays and reporting errors at times. Please note that such statistics do not constitute a forum's popularity and/or exact posting volumes at any given reporting period.
|
|
|
|
|
Posting activity on Security:
|
|
Week
|
Month
|
3 Months
|
|
Threads:
|
10
|
41
|
94
|
|
Post:
|
20
|
66
|
160
|
|
|
Security Posting activity graph:
|
Top authors during last week:
user's latest post:
Security issue when user is...
Published (2009-12-04 22:57:00)
More precisely it means that this login is a member of the sysadmin server role. You can see which members there are with this query: SELECT u.name, r.name FROM master.sys.server_principals u JOIN master.sys.server_role_members rm ON u.principal_id = rm.member_principal_id JOIN master.sys.server_principals r ...
user's latest post:
SQL Server 2000: system view...
Published (2009-12-04 17:00:00)
Tom, The raw data is kept in dbo.sysprotects, although you may find the sp_helprotect stored procedure makes it easier to read. Both of these run in the context of the current database. SELECT * FROM dbo.sysprotects WHERE id = OBJECT_ID('storedprocedurename') EXEC sp_helprotect @name = 'storedprocedurename' RLF > Does anyone know what's the name of the system view, where the execute > privileges...
user's latest post:
Non-admins cannot connect on SQL...
Published (2009-11-30 00:55:00)
Yes, I can connect as a non-domain admin using SQL Enterprise Manager. I browse to the various DBs that this program uses and I can add, delete, and edit at will. >> Windows 2003 server with SQL 2000 latest SP. SQL 2000 is installed in >> mixed mode. I have packages like Microsoft Dynamics that have their own [quoted text clipped - 22 lines] > under the hood. Or search on the web to see if other...
user's latest post:
Grant View Server State to...
Published (2009-12-02 20:06:00)
Thank you for your reply. We are running SQL 2000 - is the script for SQL 2005? It will not execute for SQL 2000. > Robin, > [quoted text clipped - 36 lines] > > .
user's latest post:
Security issue when user is...
Published (2009-12-04 14:57:00)
Dear Erland, thanks for your response. I've executed the stored procedure, it returned 1 - which means that my user is a member of BUILTIN\Administrators. I just do not know why at all. Checking the Groupmembership of that user by running Windows "Local Users and Groups" it shows that this user is a member of "BUILTIN\Users" - but not if "BUILTIN\Administrators". To reproduce follow...
user's latest post:
Wide Area connection to SQL...
Published (2009-12-06 21:02:00)
First off thanks for responding... and good question. Sorry I neglected to explain this part. I told the app user he would need static IP at the head office; that other computers outside head office )current LAN) would need to use the static IP to connect to the head office. My reasoning is dynamic IP changes now and then... when the router is powered down and up >>Now, the user of the application opened another office in another...
user's latest post:
Brute force attack on SQL...
Published (2009-12-01 22:16:00)
Hi all, I'm continuously receiving the following error messages in the server event logs: Msg 18456, Level 14, State 1, Server <xxxxx>, Line 1 Login failed for user 'sa' Msg 18456, Level 14, State 1, Server <xxxxx>, Line 1 Login failed for user 'administrator' Msg 18456, Level 14, State 1, Server <xxxxx>, Line 1 Login failed for user 'admin' Similar happens for FTP as...
user's latest post:
SQL 2005 express security issue
Published (2009-12-03 17:57:00)
Hi Stm, I think, you may got the solution for this. I have this same question now, can forward me the solutions or how you handled the situation. My email address: sjdevarajan@hotmail.com Thanks. regards, S.Devarajan. SQL 2005 express security issue 01-Feb-08 Hi We just revamp our application from Access to use SQL Express 2005 as database engine, which is a standalone application running on client PC I'm now simulating the...
user's latest post:
Need help w/ SA password
Published (2009-12-04 15:13:00)
i was having the same problem and your answer helped. yay!!! Hello,You may need to do 2 steps, first one is to change the authentication 28-May-07 Hello You may need to do 2 steps, first one is to change the authentication mode to SQL Server and Windows. After that chnage the SA password Use the below steps: 1. Login as a local admin in SQL Server machin 2. Open the SQL Server express management studi 3. Connect to SQL Server using windows...
user's latest post:
SQL Server 2000: system view...
Published (2009-12-04 16:35:00)
Does anyone know what's the name of the system view, where the execute privileges for stored procedures and functions are stored in SQL Server 2000? In other words: The privileges for tables and views are stored in system view INFORMATION_SCHEMA.TABLE_PRIVILEGES, but how can I determine the execute privileges for stored procedures and functions? Many thanks in advance for your help!
|
|
|
|
Latest active threads on Security::
Started 1 day, 13 hours ago (2009-12-06 20:49:00)
by Tony Toews [MVP]
Why and where? If at the remote office no. If at the head office then maybe. Or if his router can announce the IP address to a dynamic IP system on the cloud somewhere that'd work. >But then I am wondering >if there are issues with connecting via internet and having the connection >open until the user disconnects. Again the application is VB6 (SP6) using >ADO connection.
Started 5 days, 11 hours ago (2009-12-02 22:56:00)
by Erland Sommarskog
If you are logged as this login, what does this return: SELECT is_srvrolemember('sysadmin') It seems that the Windows login is member of a Windows group that maps to BUILTIN\Administrators. Else, could you post a repro that demonstrated what you did? Signature Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se Links for SQL Server Books Online: SQL 2008: http://msdn.microsoft....
Started 3 days, 17 hours ago (2009-12-04 17:00:00)
by Russell Fields
Tom, The raw data is kept in dbo.sysprotects, although you may find the sp_helprotect stored procedure makes it easier to read. Both of these run in the context of the current database. SELECT * FROM dbo.sysprotects WHERE id = OBJECT_ID('storedprocedurename') EXEC sp_helprotect @name = 'storedprocedurename' RLF > Does anyone know what's the name of the system view, where the execute > ...
Started 1 year, 10 months ago (2008-02-01 17:07:00)
by Russell Fields
stm, A system administrator such as 'sa' or any other login granted the sysadmin role can read anything on the server. At a remote location where you do not control the rights granted on the server, there is nothing you can do about this. If your application and the remote user log in with accounts that are not sysadmins then you can protect databases, tables, stored procedures, etc. ...
Started 5 days, 15 hours ago (2009-12-02 19:20:00)
by Russell Fields
Robin, I would not grant it to public, that is just way too wide. If you search the SQL Server Books Online for "VIEW SERVER STATE" it comes up with well over 100 hits, most of which mention a feature made available by the VIEW SERVER STATE permission. If you have some people who truly need that permission (use caution in deciding that) then put them into a domain group and grant that ...
Started 1 week, 1 day ago (2009-11-29 15:49:00)
by Erland Sommarskog
Can non-domain admins connect to SQL Server through say Query Analyzer or OSQL, using Windows authentication? I have no idea what this package is doing, and since the error message it generates appears to be its own, it's difficult to say what the message actually reflects. Since you say that users cannot get to the primary logon screen, this would indicate that they do not even reach SQL ...
Started 2 weeks, 3 days ago (2009-11-20 16:30:00)
by Linchi Shea
Can you clarify exactly you would like to accomplish? > basically i need to stop the service on the existing node whenever the > instance is failover to another node..or instance is stopped
Started 2 weeks ago (2009-11-23 22:51:00)
by Erland Sommarskog
And that is because you have broken the ownership chain between the dbo and dbi schemas. > I run into a similar problem when executing SPs. If I EXECUTE AS > DBInterface (so I can execute DML) then IS_MEMBER is checking > DBInterface, not the original login credentials, against the rolenames.
|
|
Hot threads for last week on Security::
Started 1 week, 1 day ago (2009-11-29 15:49:00)
by Erland Sommarskog
Can non-domain admins connect to SQL Server through say Query Analyzer or OSQL, using Windows authentication? I have no idea what this package is doing, and since the error message it generates appears to be its own, it's difficult to say what the message actually reflects. Since you say that users cannot get to the primary logon screen, this would indicate that they do not even reach SQL ...
Started 5 days, 15 hours ago (2009-12-02 19:20:00)
by Russell Fields
Robin, I would not grant it to public, that is just way too wide. If you search the SQL Server Books Online for "VIEW SERVER STATE" it comes up with well over 100 hits, most of which mention a feature made available by the VIEW SERVER STATE permission. If you have some people who truly need that permission (use caution in deciding that) then put them into a domain group and grant that ...
Started 5 days, 11 hours ago (2009-12-02 22:56:00)
by Erland Sommarskog
If you are logged as this login, what does this return: SELECT is_srvrolemember('sysadmin') It seems that the Windows login is member of a Windows group that maps to BUILTIN\Administrators. Else, could you post a repro that demonstrated what you did? Signature Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se Links for SQL Server Books Online: SQL 2008: http://msdn.microsoft....
Started 1 day, 13 hours ago (2009-12-06 20:49:00)
by Tony Toews [MVP]
Why and where? If at the remote office no. If at the head office then maybe. Or if his router can announce the IP address to a dynamic IP system on the cloud somewhere that'd work. >But then I am wondering >if there are issues with connecting via internet and having the connection >open until the user disconnects. Again the application is VB6 (SP6) using >ADO connection.
Started 3 days, 17 hours ago (2009-12-04 17:00:00)
by Russell Fields
Tom, The raw data is kept in dbo.sysprotects, although you may find the sp_helprotect stored procedure makes it easier to read. Both of these run in the context of the current database. SELECT * FROM dbo.sysprotects WHERE id = OBJECT_ID('storedprocedurename') EXEC sp_helprotect @name = 'storedprocedurename' RLF > Does anyone know what's the name of the system view, where the execute > ...
Started 1 year, 10 months ago (2008-02-01 17:07:00)
by Russell Fields
stm, A system administrator such as 'sa' or any other login granted the sysadmin role can read anything on the server. At a remote location where you do not control the rights granted on the server, there is nothing you can do about this. If your application and the remote user log in with accounts that are not sysadmins then you can protect databases, tables, stored procedures, etc. ...
|
|
Size: 1,716 bytes
