Security or Productivity?
Today I would like to discuss security, the necessary evil. Security is a great thing, when it is keeping other people out of my stuff or when it keeps people from bringing down my SQL Servers. I...
View ArticleLogon Triggers aka How To Lock That Annoying User Out During Lunch
Earlier this week, I chose a few SQL Server 2008 topics for our #SQLHelp MCITP study group to discuss here on the blog. Thus, today I will discuss logon triggers, one of the new features available in...
View ArticleWindows Logins Basics
As most people would agree, Windows Authentication is the preferred authentication method in SQL Server as it provides consistency with your Windows or AD administration and it allows you to use groups...
View ArticleOrphaned Windows Users….Annie?
A caveat when working with Windows domain users in your SQL Server is the possibility of orphaned users. When a user is removed from AD, they are not automatically removed from SQL Server. This is an...
View ArticleMy Mistake For Your Enjoyment
This morning when an aggravated user contacted me that they could not get into a new database that I setup on Friday, I discovered that I had made a mistake. Well that’s never happened before, well...
View ArticleWe Need your SA Account
If you are dealing with a large development and infrastructure staff like I do then I am sure at some point you have heard, “We need the password to your SA account.” Which is always followed up with...
View ArticleKnow Your ROLE!
In the famous words of The Rock “know your role and shut your mouth!” Well mainly we were going with “know your role.” Do you know your SQL Server security roles? A SQL Server role defines exactly...
View ArticleKnow Your (Pre-Defined DB) ROLE!
Yesterday we talked about the Rock and how he can help you with SQL Server security ala “know your role.” Do you know your SQL Server pre-defined database security roles? These pre-defined roles will...
View ArticleAD Accounts Are Great, But…
Using Windows Authentication for your database is a great best practice to follow. However, one caveat to remember as one of my administrators found out today. Do not use that account as a login if...
View ArticleSQL Server Auditing: A Learning Series Part One
Over the next few weeks I will be presenting here for your learning SQL Server Auditing, as I learn it. I have never been called upon to use the auditing features in any production SQL Server...
View ArticleSQL Server Auditing: A Learning Series Part Two
Continuing our series on Auditing from yesterday, I wanted to bring up a few additional points if you are planning on using the Windows Security log as the target for your auditing results. You must...
View ArticleSQL Server Audit in SQL Server 2008 R2
Since I am out of the office today I though I would include this fun video from Microsoft to continue with our Auditing theme that we started earlier in the week. Enjoy! SQL Server News Hour: SQL...
View ArticleSQL Server Auditing: A Learning Series Part Three
Figure 1 – New Audit Continuing our learning series on Auditing, today we move on to setting up the server audit which will allow us to be able to setup auditing at the instance level. In SSMS, open...
View ArticleSQL Server Auditing: A Learning Series Part Four
Today we continue our series on Auditing with some clarifications. An audit is essentially the combination of several elements. This concept took a day or two to wrap around my brain so I thought I...
View ArticleSQL Server Auditing: A Learning Series Part Five
Figure 1 – Create a new Audit Specification Continuing our learning series on auditing, today we create a new audit specification (as explained in last week’s post). Remember, in order to create a new...
View ArticleSQL Server Auditing: A Learning Series Part Six
Continuing our learning series on auditing, today we look at the results from the audit specification that we created yesterday. In this audit specification we are monitoring for database ownership...
View ArticleSQL Server Auditing: A Learning Series Part Seven
Continuing our learning series on auditing, today we look at how to query the audit information from the server. sys,server_audits displays information on the audits setup on the server. Figure 1 –...
View ArticleSQL Server Auditing: A Learning Series Part Eight
Continuing our learning series on auditing, today we discuss a couple of caveats to close out the week before we create database audits next week. In order to CREATE, ALTER, or DROP on either the...
View ArticleSQL Server Auditing: A Learning Series Part Nine
Continuing our learning series on auditing, today we prepare for a database audit. Just like with the server audit specification, you must setup a new server audit that correlates to this database...
View ArticleSQL Server Auditing: A Learning Series Part Nine, Reporting
Continuing our learning series on auditing, today we look at the next logical step: Reporting. We have created audits for the server and for the database as well as being able to query the audits,...
View Article
More Pages to Explore .....