By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
425,763 Members | 1,609 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 425,763 IT Pros & Developers. It's quick & easy.

script to spot OS/SFW/HDW changes on my SQL servers?

P: n/a
Hi all. I am looking for a script that I might use to spot OS,
hardware, registry changes. Also be nice if I could tell when someone
loads new software or unistalls old, by I guess I would see that in
registry changes? I would settle for any of the above...the situation
is we have some network engineers who tend to fart around a little to
much on our production MS-SQL servers and I need to know when they
make a change because they wont own up to it when things go wrong.

Can someone help? I realize this would likely be a wmi/wsh/vbs
scripting solution, but I also posting this here becasue I figure at
least one shop out there has the same issue I am having with loose
cannon admin types.
Jul 20 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a

"sumGirl" <em*****@netscape.net> wrote in message
news:a5**************************@posting.google.c om...
Hi all. I am looking for a script that I might use to spot OS,
hardware, registry changes. Also be nice if I could tell when someone
loads new software or unistalls old, by I guess I would see that in
registry changes? I would settle for any of the above...the situation
is we have some network engineers who tend to fart around a little to
much on our production MS-SQL servers and I need to know when they
make a change because they wont own up to it when things go wrong.

Can someone help? I realize this would likely be a wmi/wsh/vbs
scripting solution, but I also posting this here becasue I figure at
least one shop out there has the same issue I am having with loose
cannon admin types.


I don't have any script for this, but I would suggest that trying to solve
an issue like this via technical means is probably not the best approach.
It's always a good idea to enable OS-level auditing so you have a record of
who accessed the servers and when, but ultimately you cannot stop people
doing things they shouldn't, except by getting your management to make it
clear that unauthorized system changes are unacceptable. I'm assuming of
course that the network guys have valid reasons for being able to access the
MSSQL boxes, so you can't just revoke their permissions.

I suspect the real issue is that you have no change/configuration management
process in place - while this isn't always exciting stuff, it is very
useful. You might want to have a look at the MSSQL Operations Guide to get
some ideas:

http://www.microsoft.com/technet/pro...n/sqlops0.mspx

In the short term, I would suggest documenting one or two incidents in
detail, showing that a) a change was made which caused a real issue, and b)
the change could only have been made by a small number of individuals, none
of whom will admit to making it. Depending on what was changed, it may well
be audited in the system event logs anyway.

If you can show that uncontrolled changes are affecting your company's
business by diverting resources into unnecessary work, or by making
applications unavailable to end users, management will probably take the
issue seriously.

Simon
Jul 20 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.