March 11, 2009 at 9:03 am
Hi!
I have a question : are there advantages in using a specific user,created for instance for me, or is the 'sa' login enough for everything?
I'm asking this because where I work I use the sa login, and I recently observed that some databases, that are used by everybody, have as owner the ex-dba.
And I'm asking myself if there are advantages in using my own login, or to continue using the 'sa'
I hope I'm clear...
Thanks
March 11, 2009 at 9:11 am
For security purposes it is recommended that sa have a very strong password and that the account is not used by anyone.
If you have a Windows Domain the recommended practice is to used Windows Authentication and create logins based on Windows accounts and then assign those logins the appropriate permissions.
If you need sa rights then you should create a login for your Windows account and put that login in the sysadmin server role or in 2005 and above grant it CONTROL SERVER rights.
Some folks even recommend have a separate login that you use only when doing sa type activities and have another login you use when doing development or just querying the server.
Jack Corbett
Consultant - Straight Path Solutions
Check out these links on how to get faster and more accurate answers:
Forum Etiquette: How to post data/code on a forum to get the best help
Need an Answer? Actually, No ... You Need a Question
March 11, 2009 at 9:15 am
sa = "system administrator"
If you use it at all, use it for that purpose, and nothing else.
Otherwise, you can end up leaving your database open to all kinds of security issues.
I recommend Windows Domain security. Gives you the most control with the least work.
- Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
Property of The Thread
"Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply