February 25, 2008 at 6:43 am
Hello,
I have problems with my mssql server in which it spontaneously changes
permissions of my user account once every month or so. I have to manually
change the permissions to be able to run normal queries again...
Could this be patch-related? Or somehow server related, or a hack?
Regards
/Peter
February 25, 2008 at 7:07 am
If you audit the DDL changes you should be able to find out what changes the login ID permissions see
http://www.simple-talk.com/sql/sql-server-2005/sql-server-2005-ddl-trigger-workbench/
February 25, 2008 at 7:17 am
Hello Carolyn,
Thank you very much for that link and suggestion. However, I was wondering
if you perhaps know of a way to track the cause of alteration without an audit
tool like this in place already?
Regards
/Peter
February 25, 2008 at 10:03 am
Sorry I don't think you can trace it, unless you had some kind of auditing in place, especially if you don't know the exact time it was run.
I have seen this happening when someone used a script which included the drop and create permissions to restore a database, it then drops the role and permissions and creates them again, but the create only works for the database being restored not the other databases, thus in effect altering the permissions on the original databases.
February 27, 2008 at 10:08 am
You can do that with system side tracing. All you need to trace the events regularly using the system sided stored procedures.
Cheers,
Sugeshkumar Rajendran
SQL Server MVP
http://sugeshkr.blogspot.com
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply