Rotating Header Image

Posts under ‘Security’

Server Role Audit – a quick and dirty script

Every now and again I like to run a quick audit of the SQL Servers I support and ensure that logins do not have any elevated permissions on a server. With properly auditing and tracking you should be able to identify any problems when they happen but it doesn't hurt to give the server(s) a […]

Database Role Audit (alpha version)

OK so this is kind of a “part 2” to a post I made a while back about doing a SQL Server Role Audit. I wanted to go to the next level down and do the same type of thing for all database roles (system and user). This is definitely an “alpha version” of the […]

db_Executor Role – updated

In a passing conversation the question about how you grant execute to all stored procedures to a user came up. In SQL 2005 the ability to grant the execute permission at the database level was introduced. Instead of having to build some 'smarts' into a script to cycle through all your objects, etc you can […]

Creating a REAL SQLAgentReaderRole

So if you follow me blog you will probably remember this post from earlier today: http://benchmarkitconsulting.com/colin-stasiuk/2009/01/21/sqlagentreaderrole-not-so-reader/ Below is the solution I’m working with to give developers access to the Job Activity Monitor but NOT the ability to create new jobs. I know adding a role to a system database is not ideal but I’m open […]

SQLAgentReaderRole – not so reader?

Quick… how do you give someone read only access to the Job Activity Monitor? Why you grant them SQLAgentReaderRole access in msdb…. WRONG http://technet.microsoft.com/en-us/library/ms188283.aspx The SQLAgentReaderRole is a reader role for the jobs that currently exist but wait here is where the good (or bad depending on if you’re in a good mood or not) […]

Twitter links powered by Tweet This v1.6.1, a WordPress plugin for Twitter.