Tagged Questions
1
vote
2answers
38 views
Auto Disable a SQL Server User
I have a SQL Authentication User: JOHNDOE
I would like this account to auto-expire or auto-disable after X days or at a certain date/time. Any suggestions or best practices to do this?
0
votes
2answers
58 views
Working Linked Server Query fails in sp_send_dbmail
Take the following example:
EXEC msdb.dbo.sp_send_dbmail
@recipients = '[email protected]' ,
@query = 'SELECT TOP 10 * FROM LINKEDSERVERA.DATABASE.dbo.TABLE' ,
@attach_query_result_as_file = N'True' ...
4
votes
2answers
84 views
How does “Be made using the login's current security context” pass the users password to remote server
Say you have a SQL Server with a "Linked Server" to another server - said "Linked Server" is set to use "Be made using the login's current security context" as its authentication model.
How does the ...
0
votes
2answers
29 views
Pull Subscription: process cannot read file due to OS error 5
I am trying to migrate a working pull subscription for transactional replication from one subscribing server to a new one. The subscribing server is at another site and is connected via a VPN tunnel. ...
1
vote
2answers
59 views
Linked Server Risks
I'm implementing a new feature which requires data from databases on multiple servers. I just need to union data from all these servers and sort it. The two options that come to mind are:
Use linked ...
0
votes
1answer
55 views
BUILTIN\Administrators allowing access via linked server but not locally
We have two servers:
LYNDB01 & LYNDB02
On LYNDB01 we have a database called db_ExampleDatabase
We have created a Linked Server on LYNDB02 to LYNDB01 using no mappings and the "Be made using the ...
2
votes
1answer
34 views
Find application password expiration date
I changed password of my application on one sql server?
when I am using Login property command I am getting last login date.
I want to know when my application password is going to expired in SQL ...
-3
votes
1answer
385 views
How database administrators can see my requests to MSSQL server?
I'm a MS SQL 2008 user. I have access to some tabes. I need to request few colums from table as I usually do. But I need to do it onse (for example) in 5 seconds and system administrators shouldn't ...
1
vote
1answer
39 views
One call to `decryptbypassphrase` for decrypting all columns
If I use ENCRYPTBYPASSPHRASE to encrypt the full table then how can I decrypt full table easily by using DECRYPTBYPASSPHRASE?
Actually I have to use DECRYPTBYPASSPHRASE ('passphrase', column_name) ...
5
votes
1answer
85 views
How is SQL Server host identity ensured?
When I connect to some e-commerce website with my browser I use HTTPS that uses a certificate that (more or less) guarantees that example.com is indeed example.com.
Now I connect to a SQL Server ...
4
votes
2answers
172 views
Securely generate a UNIQUEIDENTIFIER in SQL Server
I intend to be using a UNIQUEIDENTIFIER as an access key that users can use to access certain data. The key will act as a password in that sense.
I need to generate multiple such identifiers as part ...
13
votes
6answers
510 views
Why should an application not use the sa account
My first question ever, please be gentle. I understand that the sa account enables complete control over a SQL Server and all the databases, users, permissions etc.
I have an absolute belief that ...
0
votes
2answers
115 views
Secure Linked Server - Non privledged user possible? Registry corruption?
Is it possible to use a non privledged Windows domain account to impersonate itself in a linked server?
And why would it be unable to read the registry for available network protocols?
Overview: ...
6
votes
2answers
101 views
Limit connection rights on SQL Server
I have an app to deploy in production that uses 'honor system' security. That is, all users connect to the DB using a SQL user/passwd credential and the app manages permissions itself. The latter part ...
2
votes
3answers
115 views
Is it ever harmful to set a database owner in SQL Server?
There are a bunch of databases on one of our SQL servers that have no owner. Generally speaking, is it harmful to give them one? For example:
USE dbName;
GO
EXEC sp_changedbowner 'sa';
GO
I know ...
