April 4, 2014 at 9:44 am
Hi All,
Is there a good reason not to drop the default schemas such as db_securityadmin, db_ddladmin etc etc from all databases.
The advantage of dropping them is that it simplifies the database user security screen as its quite easy to grant someone the db_datareader schema rather than the db_datareader role.
I've got a book on sql server 2012 security which does advise dropping them, but I haven't seen this suggested anywhere else. I have removed them from one our test systems about a month ago and haven't seen any issues so far.
Many thanks in advance,
David
April 4, 2014 at 12:21 pm
If you aren't using them, cleaning them up isn't going to hurt anything.
Is the book by Denny Cherry? If so, I'd take it's word as pretty near to gospel.
"The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood"
- Theodore Roosevelt
Author of:
SQL Server Execution Plans
SQL Server Query Performance Tuning
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply