473,219 Members | 1,951 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,219 software developers and data experts.

SQL Security related

We had been running SQL Server without any control of security (since
the company is very small -100 employees). All of us know the admin
password and has been accessing the database as admin. Our database
server crashed due to hardware failure twice last month and we lost a
lot of important data. Now the management is taking the control of
server access seriously.

SQL Enterprise manager is installed on many PCs and any one can delete
any database with a right click.

My question is:

1. Can the enterprise manager be installed on client's PC with a
limited right (or as a user not as admin)?
We need to limit the user's access of using the Enterprise Manager.
In other words, how can we set this up for different users.
2. How can we keep running SQL Server if one server fails?
Clustering or Replication or Mirroring? O
I would highly appreciate if you could direct me to any website or
resources on how to set up security of SQL Server (2000 with the latest
service pack).
Thanks a million in advance.
Best regards,

Mamun

Aug 11 '05 #1
2 1138
Enterprise Manager runs with whatever permissions are assigned to the
login specified when you register the server in EM on each machine.

If everyone is logging in as SA then you should make everyone
re-register their servers in EM using different logins - either SQL
Server or Integrated (domain) logins. Then change the SA password. I
suggest you use Integrated security if you can. Assign users to domain
groups according to what level of access they need, then assign roles
to those groups.

For high availability options see:
http://www.microsoft.com/sql/techinf...ilability.mspx

--
David Portas
SQL Server MVP
--

Aug 11 '05 #2
microsoft.public.dotnet.languages.vb (ma******@hotmail.com) writes:
We had been running SQL Server without any control of security (since
the company is very small -100 employees). All of us know the admin
password and has been accessing the database as admin. Our database
server crashed due to hardware failure twice last month and we lost a
lot of important data.
Sounds as if you need to review your backup strategy.
2. How can we keep running SQL Server if one server fails?
Clustering or Replication or Mirroring? O


Clustering, log-shipping and replication are all possible to use for
high-availability solutions. Clustering is the most heavy-duty, but
also requires more money for hardware. And you need Enterprise Edition
of SQL Server.

Log shipping is leaner, but still requires Enterprise, if you want to do
it simple. (It's possible to do log shipping with Standard, but you need
to roll your own.)

Replication is definitely the low-budget solution. The main purpose of
replication is not to provide high availability, but it can be used for
this aim.

Some of the articles on
http://www.microsoft.com/technet/pro.../dbengine.mspx
may be useful to you.

--
Erland Sommarskog, SQL Server MVP, es****@sommarskog.se

Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techinf...2000/books.asp

Aug 11 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

28
by: grahamd | last post by:
Who are the appropriate people to report security problems to in respect of a module included with the Python distribution? I don't feel it appropriate to be reporting it on general mailing lists.
11
by: TC | last post by:
Hello All, I have recently had the pleasure of installing Norton Internet Security 2005 and finding that I can no longer create or open a web-based application in Visual Studio .Net. The IDE...
12
by: A.M. | last post by:
Hi at all, how can I do to insert into a HTML page a file .txt stored in the same directory of the server where is the html file that must display the text file.txt? Thank you very much P.Pietro
2
by: Matt Theule | last post by:
Where can I find information about Runtime Security Policies? I have a winform that is hosted in a webform that needs to access the filesystem. Using the Configuration mmc snapin, I have created a...
5
by: Norsoft | last post by:
I have a .Net 1.1 application which is downloaded into an aspx page. It is a dll which inherits from System.Windows.Forms.UserControl. It works fine on a PC with only the 1.1 Framework. However,...
7
by: Magdelin | last post by:
Hi, My security team thinks allowing communication between the two IIS instances leads to severe security risks. Basically, we want to put our presentation tier on the perimeter network and the...
3
by: Velvet | last post by:
I ran FxCop on one of the components for my web site and the security rules what me to add " tags like the ones listed below: This breaks my ASP.NET application. So my question is,...
6
by: google | last post by:
I have a few general questions. I am working on a new database to be used within my company. I would like to give a couple of people, particularly HR, the ability to add and delete Access users,...
2
by: ThunderMusic | last post by:
hi, I have 2 services running, one doing a job and the other monitoring the job is done and that the other service (the one doing the job) is still running. The thing is, the 1st service fire some...
3
by: Manish | last post by:
I think this question has been asked number of times. However, I am looking for some specific information. Perhaps some of you can help close the gap. Or perhaps you can point me towards right...
1
isladogs
by: isladogs | last post by:
The next online meeting of the Access Europe User Group will be on Wednesday 6 Dec 2023 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, Mike...
0
by: veera ravala | last post by:
ServiceNow is a powerful cloud-based platform that offers a wide range of services to help organizations manage their workflows, operations, and IT services more efficiently. At its core, ServiceNow...
0
by: VivesProcSPL | last post by:
Obviously, one of the original purposes of SQL is to make data query processing easy. The language uses many English-like terms and syntax in an effort to make it easy to learn, particularly for...
0
by: jianzs | last post by:
Introduction Cloud-native applications are conventionally identified as those designed and nurtured on cloud infrastructure. Such applications, rooted in cloud technologies, skillfully benefit from...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
2
by: jimatqsi | last post by:
The boss wants the word "CONFIDENTIAL" overlaying certain reports. He wants it large, slanted across the page, on every page, very light gray, outlined letters, not block letters. I thought Word Art...
0
by: stefan129 | last post by:
Hey forum members, I'm exploring options for SSL certificates for multiple domains. Has anyone had experience with multi-domain SSL certificates? Any recommendations on reliable providers or specific...
0
Git
by: egorbl4 | last post by:
Скачал я git, хотел начать настройку, а там вылезло вот это Что это? Что мне с этим делать? ...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.