May 16, 2018 at 3:25 pm
Example
we have have non domain server
Example : 10.12.10.51 server DNS name = "MyAccounting.ftpcomp.net"
Server hosting default instance of SQL 2012 and application part of software
So users open connections to application on 10.12.10.51 and application connects to sql server using 'sa' login (can not change this for now...)
How to restrict access to SQL server using 'sa' account if connection is trying to be open from IP other then 10.12.10.51 ?
Thank you
May 16, 2018 at 3:42 pm
Setup a firewall rule to block SQL port from other IP addresses(this will potentially block all the login attempts from out side, not just for 'sa' login) or may be you can just set up a logon trigger which performs a check on IP addresses and login name that denies connection.
https://docs.microsoft.com/en-us/sql/relational-databases/triggers/logon-triggers?view=sql-server-2017
May 16, 2018 at 4:08 pm
Sreekanth B - Wednesday, May 16, 2018 3:42 PMSetup a firewall rule to block SQL port from other IP addresses(this will potentially block all the login attempts from out side, not just for 'sa' login) or may be you can just set up a logon trigger which performs a check on IP addresses and login name that denies connection.
https://docs.microsoft.com/en-us/sql/relational-databases/triggers/logon-triggers?view=sql-server-2017
Perfect! thanks for the tips
I have a firewall rules,
I found example that will work for me
https://community.spiceworks.com/topic/255162-restrict-access-to-ms-sql-server-per-user-by-ip-address
I will also add to it check for application name
Is any way I can customize message shown to user when login fails instead of "login fail due to trigger execution"?
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply