Post reply

SQL 2005 Security

  • June 20, 2012 at 2:19 am

    #271508

    Hello,

    we have a cluster server with 2 nodes.

    1. ClusterAdmin is Sysadminand runns Cluster services.

    2. DBAdmin is Sysadmin and runs SQL server, Agent and SSIS.

    3. NT AUTHORITY\NETWORK SERVICE is DBCreator, SecurityAdmin and runs the below services SQL Active directory helper, Distributed Transaction Coordinator, Performance Logs and Alerts.

    4. NT AUTHORITY\SYSTEM is Sysadmin and nothing related to SQL.

    can i run all the services mention above on DBadmin and diable all the other users mentioned.

    kindly give suggestions.

    Regards
    Durai Nagarajan

  • June 20, 2012 at 5:19 am

    #1503327

    yes, no.

    We run cluster services using its own service account and use sqlserver (domain) service accounts for every sqlserver service.

    Johan

    Learn to play, play to learn !

    Dont drive faster than your guardian angel can fly ...
    but keeping both feet on the ground wont get you anywhere :w00t:

    - How to post Performance Problems
    - How to post data/code to get the best help[/url]

    - How to prevent a sore throat after hours of presenting ppt

    press F1 for solution, press shift+F1 for urgent solution 😀

    Need a bit of Powershell? How about this

    Who am I ? Sometimes this is me but most of the time this is me

  • June 20, 2012 at 5:26 am

    #1503331

    hope i'll change cluster user access to public rather than sysadmin.

    any points about 3 & 4.

    Regards
    Durai Nagarajan

  • June 20, 2012 at 5:36 am

    #1503337

    durai nagarajan (6/20/2012)

    hope i'll change cluster user access to public rather than sysadmin.

    any points about 3 & 4.

    cluster service account only needs "login" on your sqlserver instance. That's all.

    We remove all " NT AUTHORITY\*" because we use proper windows service accounts wherever needed.

    Johan

    Learn to play, play to learn !

    Dont drive faster than your guardian angel can fly ...
    but keeping both feet on the ground wont get you anywhere :w00t:

    - How to post Performance Problems
    - How to post data/code to get the best help[/url]

    - How to prevent a sore throat after hours of presenting ppt

    press F1 for solution, press shift+F1 for urgent solution 😀

    Need a bit of Powershell? How about this

    Who am I ? Sometimes this is me but most of the time this is me

  • June 20, 2012 at 7:29 am

    #1503408

    thanks Johan

    this helps me start building good security in my system.

    Regards
    Durai Nagarajan

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply