SQL Server Security Audit Report

If your company needs to go through a SOX (Sarbanes–Oxley) audit or any security audit, the DBA has to provide security information to them. If you have purchased third party tools to provide this information that is great. If you don't have third party tools and need to go through many servers to provide this information it can be a hassle and very time consuming. So I put together a script to generate a report that I could just review. The script generates a report of all elevated level accounts and any possible security holes.

Grant Execute Permissions to Stored Procedures using DDL Triggers

In your development environment if you have locked down permissions for developers, but still need them to execute stored procedures you will need to grant execute rights each time a new stored procedure is generated. In this tip I will show you a way of doing this automatically each time a new stored procedure is created without granting your developers additional permissions.

Role Membership

Options for hiding SQL Server code

I am aware of the WITH ENCRYPTION clause that is used to encrypt the code for objects like views, stored procedures and functions. It sort of fulfills my purpose and is easy to implement, but it does not cover all SQL Server objects. In this tip we look at another option to restrict users from viewing the definition/code of any SQL Server object.

SQL Server Security Audit (Part 1) - Server Level Audit

The first of this three part series on SQL Server Security Auditing focuses on the SQL Server itself and addressing any of its security vulnerabilities.

Breaking ownership chaining within a schema in SQL Server

I have several objects, all in the same schema. Because of this, ownership chaining is working, as described in this previous tip. However, I don't want ownership chaining to be on, but I need the objects to remain in the same schema. How can I do this?

Login Failed

Find SQL Server Authentication Mode Configuration

Quick Method to find Configured???????????????????????? Authentication Mode

Automate collection and saving of failed logins for SQL Server

I re-cycle my SQL Server log every night using sp_cycle_errorlog. However, before I do, I would like to capture all of the failed logins recorded. I have auditing turned on for failed logins, but I want to make sure that I capture those events into a table so I can report on. How can I do this?

MD2