January 18, 2016 at 1:53 am
Hi,
I am interested in finding out if there is any procedure for locking an SQL database schema so that users (even an SQL DBA) cannot modify triggers/constraints/keys from the originally provided standard. Are there any tools to achieve this? We lock the system objects down now using SQL however any DBO or SysAdmin can login to SQL and modify. If they don't know what they are doing can drop triggers/constraints off and not check they are there afterwards. Whilst I realise I can create a deployment that creates its won instance at s/w installation time< I would prefer to consider other options first.
Alternatively are there any 3rd party products that my software guys can implement "around" the SQL schema to protect it from modification?
Thanks
Peter
January 18, 2016 at 2:13 am
No.
A sysadmin has all rights within an instance and cannot be stopped from doing anything they want. If you want to restrict access, host the DB yourself and give out non-sysadmin permissions only.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply