Revoke Database access to doman group

  • I have a sql 2005 data base "testDB' and I do NOTwant domain group "domain\TEST Group" to have access to testDB' .

    How to do it? pl help.

  • Unless the group has system admin rights just remove them as a user from the database.

  • If user AAA who is a member of domain\TEST group is also a member of domain\LIVE group and the domain\LIVE group has access to your database, then that user has two independant methods of getting to your database. You cannot stop AAA from accessing your database simply by blocking access to the domain\TEST group.

    However, security best practice says there should be a separation of concerns between controlling which groups have access to a resource and controlling which individuals belong to a given group. Therefore if you are conforming to best practice you should should concentate on which groups have access to the database and neither know or care if user AAA belongs to both domain\TEST and domain\LIVE.

    Original author: https://github.com/SQL-FineBuild/Common/wiki/ 1-click install and best practice configuration of SQL Server 2019, 2017 2016, 2014, 2012, 2008 R2, 2008 and 2005.

    When I give food to the poor they call me a saint. When I ask why they are poor they call me a communist - Archbishop Hélder Câmara

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply