July 13, 2005 at 9:29 am
I am currently switsching from Access to SQL server 2000. The SQL server 2000 wil run under windows 2003 and this database is only used for the internet (VBscript + ASP)
I read somewhere the standard dbo user should not be used for the internet. What should I do then? What are the minimum rights I need to give to the 'new user'? Should I delete the dbo user completely?
Thanks for your help!!
July 13, 2005 at 9:44 am
This is a topic that's not really going to be answerable in a forum post. But basically here's what you do.
You determine the minimum rights the web application needs. Where possible you drive all access through stored procedures. You create a user-defined database role that has those permissions and nothing more. Create a SQL Server login for the web application. Give that login access to the database as a user. Make that a user a member of your user-defined role.
DBO is always going to be present, but you just ensure the web application isn't using an account with those kinds of rights.
K. Brian Kelley
@kbriankelley
July 13, 2005 at 10:02 am
Fantastic! This is the info I needed. Thanks Brian! 🙂
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply