Rotating Header Image

SQL 2008 CMS Security

So we’ve recently adopted the use of SQL Server 2008’s Central Managment Server for our development team.  Something that tends to get missed or not talked about in articles about CMS is the security required to connect and view the Central Management Server.


There are 2 MSDB database roles that relate to the Central Managment Server:

ServerGroupReaderRole:  Members of this group can only view the Central Management Server’s registered servers


ServerGroupAdministratorRole: Only members of this group can add/update/delete registered servers to the Central Management Server

So if your first instict was to grant db_datareader access to the MSDB database it pays to take a look around and make sure that you’re not granting more security then what is required.

Some great articles on Central Managment Servers:

Configuring and Using a Central Management Server for SQL 2008 – Brent Ozar

SQL Server 2008 Central Managment Servers – Kimberly Tripp

Create a Central Management Server and Server Group


Post to Twitter Post to Delicious Post to Digg Post to StumbleUpon


  1. […] post:  SQL 2008 CMS Security | Benchmark IT Consulting | Colin Stasiuk By admin | category: it consulting | tags: adopted-the-use, attended-the-2009, central, […]

  2. Awesome post! It really helped me a lot! Thanks for sharing it.

Leave a Reply

Twitter links powered by Tweet This v1.6.1, a WordPress plugin for Twitter.