I am looking for the best way to lockdown a SQL Server 2000 box. There are
current SQL logins used by exsisting software that have SA credentials.
Without changing creds or using a third part vendor is there something equal
to DDL triggers in 2005? Could I create a trace that always is on?
Thanks for reading.
JasonWhat do you mean exactly by saying "lockdown"?
You do not want anybody to be able to login to the SQL Server?
--
Ekrem Ã?nsoy
"SQLCOW" <SQLCOW@.discussions.microsoft.com> wrote in message
news:6312BD12-BC3A-4A7D-A665-52E4D8B6A46D@.microsoft.com...
>I am looking for the best way to lockdown a SQL Server 2000 box. There are
> current SQL logins used by exsisting software that have SA credentials.
> Without changing creds or using a third part vendor is there something
> equal
> to DDL triggers in 2005? Could I create a trace that always is on?
> Thanks for reading.
> Jason|||I want to prevent people from dropping objects
"Ekrem Ã?nsoy" wrote:
> What do you mean exactly by saying "lockdown"?
> You do not want anybody to be able to login to the SQL Server?
> --
> Ekrem Ã?nsoy
>
> "SQLCOW" <SQLCOW@.discussions.microsoft.com> wrote in message
> news:6312BD12-BC3A-4A7D-A665-52E4D8B6A46D@.microsoft.com...
> >I am looking for the best way to lockdown a SQL Server 2000 box. There are
> > current SQL logins used by exsisting software that have SA credentials.
> > Without changing creds or using a third part vendor is there something
> > equal
> > to DDL triggers in 2005? Could I create a trace that always is on?
> >
> > Thanks for reading.
> >
> > Jason
>|||Hi
If it uses SA you can do NOTHING.
"SQLCOW" <SQLCOW@.discussions.microsoft.com> wrote in message
news:68380513-CF06-492B-9786-9489EE864EBA@.microsoft.com...
>I want to prevent people from dropping objects
> "Ekrem ?nsoy" wrote:
>> What do you mean exactly by saying "lockdown"?
>> You do not want anybody to be able to login to the SQL Server?
>> --
>> Ekrem ?nsoy
>>
>> "SQLCOW" <SQLCOW@.discussions.microsoft.com> wrote in message
>> news:6312BD12-BC3A-4A7D-A665-52E4D8B6A46D@.microsoft.com...
>> >I am looking for the best way to lockdown a SQL Server 2000 box. There
>> >are
>> > current SQL logins used by exsisting software that have SA credentials.
>> > Without changing creds or using a third part vendor is there something
>> > equal
>> > to DDL triggers in 2005? Could I create a trace that always is on?
>> >
>> > Thanks for reading.
>> >
>> > Jason
>>|||There has to be something you can do to track changes for auditing besides
enable C2.
"Uri Dimant" wrote:
> Hi
> If it uses SA you can do NOTHING.
> "SQLCOW" <SQLCOW@.discussions.microsoft.com> wrote in message
> news:68380513-CF06-492B-9786-9489EE864EBA@.microsoft.com...
> >I want to prevent people from dropping objects
> >
> > "Ekrem ?nsoy" wrote:
> >
> >> What do you mean exactly by saying "lockdown"?
> >>
> >> You do not want anybody to be able to login to the SQL Server?
> >>
> >> --
> >> Ekrem ?nsoy
> >>
> >>
> >>
> >> "SQLCOW" <SQLCOW@.discussions.microsoft.com> wrote in message
> >> news:6312BD12-BC3A-4A7D-A665-52E4D8B6A46D@.microsoft.com...
> >> >I am looking for the best way to lockdown a SQL Server 2000 box. There
> >> >are
> >> > current SQL logins used by exsisting software that have SA credentials.
> >> > Without changing creds or using a third part vendor is there something
> >> > equal
> >> > to DDL triggers in 2005? Could I create a trace that always is on?
> >> >
> >> > Thanks for reading.
> >> >
> >> > Jason
> >>
> >>
>
>|||SA's permissions can't be changed. You should create a new user for this job
and give it necessary permissions on your database.
--
Ekrem Ã?nsoy
"SQLCOW" <SQLCOW@.discussions.microsoft.com> wrote in message
news:3DC6C042-01B1-4A39-AE8A-4B7A94038A8C@.microsoft.com...
> There has to be something you can do to track changes for auditing besides
> enable C2.
> "Uri Dimant" wrote:
>> Hi
>> If it uses SA you can do NOTHING.
>> "SQLCOW" <SQLCOW@.discussions.microsoft.com> wrote in message
>> news:68380513-CF06-492B-9786-9489EE864EBA@.microsoft.com...
>> >I want to prevent people from dropping objects
>> >
>> > "Ekrem ?nsoy" wrote:
>> >
>> >> What do you mean exactly by saying "lockdown"?
>> >>
>> >> You do not want anybody to be able to login to the SQL Server?
>> >>
>> >> --
>> >> Ekrem ?nsoy
>> >>
>> >>
>> >>
>> >> "SQLCOW" <SQLCOW@.discussions.microsoft.com> wrote in message
>> >> news:6312BD12-BC3A-4A7D-A665-52E4D8B6A46D@.microsoft.com...
>> >> >I am looking for the best way to lockdown a SQL Server 2000 box.
>> >> >There
>> >> >are
>> >> > current SQL logins used by exsisting software that have SA
>> >> > credentials.
>> >> > Without changing creds or using a third part vendor is there
>> >> > something
>> >> > equal
>> >> > to DDL triggers in 2005? Could I create a trace that always is on?
>> >> >
>> >> > Thanks for reading.
>> >> >
>> >> > Jason
>> >>
>> >>
>>|||Thanks but I was looking for some techinical guidance.
"Ekrem Ã?nsoy" wrote:
> SA's permissions can't be changed. You should create a new user for this job
> and give it necessary permissions on your database.
> --
> Ekrem Ã?nsoy
>
> "SQLCOW" <SQLCOW@.discussions.microsoft.com> wrote in message
> news:3DC6C042-01B1-4A39-AE8A-4B7A94038A8C@.microsoft.com...
> > There has to be something you can do to track changes for auditing besides
> > enable C2.
> >
> > "Uri Dimant" wrote:
> >
> >> Hi
> >> If it uses SA you can do NOTHING.
> >>
> >> "SQLCOW" <SQLCOW@.discussions.microsoft.com> wrote in message
> >> news:68380513-CF06-492B-9786-9489EE864EBA@.microsoft.com...
> >> >I want to prevent people from dropping objects
> >> >
> >> > "Ekrem ?nsoy" wrote:
> >> >
> >> >> What do you mean exactly by saying "lockdown"?
> >> >>
> >> >> You do not want anybody to be able to login to the SQL Server?
> >> >>
> >> >> --
> >> >> Ekrem ?nsoy
> >> >>
> >> >>
> >> >>
> >> >> "SQLCOW" <SQLCOW@.discussions.microsoft.com> wrote in message
> >> >> news:6312BD12-BC3A-4A7D-A665-52E4D8B6A46D@.microsoft.com...
> >> >> >I am looking for the best way to lockdown a SQL Server 2000 box.
> >> >> >There
> >> >> >are
> >> >> > current SQL logins used by exsisting software that have SA
> >> >> > credentials.
> >> >> > Without changing creds or using a third part vendor is there
> >> >> > something
> >> >> > equal
> >> >> > to DDL triggers in 2005? Could I create a trace that always is on?
> >> >> >
> >> >> > Thanks for reading.
> >> >> >
> >> >> > Jason
> >> >>
> >> >>
> >>
> >>
> >>
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment