July 29, 2014 at 12:08 am
Comments posted to this topic are about the item New SQL Server 2014 Permissions: CONNECT ANY DATABASE
July 29, 2014 at 6:49 pm
Thanks Edward.
A good enhancement to server permissions. It addresses a recent annoyance I found with setting up a SQL 2012 service account for use by SQL Compare... I could assign it a custom server role with "VIEW ANY DEFINITION", but having no complementary "CONNECT ANY DATABASE" permission, I had to grant individual access to them.
The SELECT ALL USER SECURABLES permission will also come in handy - probably for a similar use of SQL Data Compare.
Cheers,
- Mark
July 30, 2014 at 5:20 am
mccork (7/29/2014)
Thanks Edward.A good enhancement to server permissions. It addresses a recent annoyance I found with setting up a SQL 2012 service account for use by SQL Compare... I could assign it a custom server role with "VIEW ANY DEFINITION", but having no complementary "CONNECT ANY DATABASE" permission, I had to grant individual access to them.
The SELECT ALL USER SECURABLES permission will also come in handy - probably for a similar use of SQL Data Compare.
Good example --- using this with SQL Data Compare, or any other 3rd party monitoring/analysis tool would be perfect!
July 30, 2014 at 7:02 am
the ANY style of permission grants is easy and inclusive, but Auditors tend to single out that those methods of grant permissions and access are security gaps and you can receive a "finding" in an audit for using them and be forced to change your methods.
SELECT ANY TABLE is a frequent "hunt" for auditors.........CONNECT ANY DATABASE will likely be scrutinized as well during SOX Audits.
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply