February 8, 2014 at 9:38 pm
In a sql server 2008 database, the person that has dba access thinks the user security rights are controlled by the active directory. The .net application and database was written by contractors that are no longer with the company. There is no documentation for the application.
Thus we are trying to determine how the security is setup. I stepped through the .net 2012 code and found what active directory values were setup.
However with sql server 2008, I do not know how to tell how the security is setup via active directory contols. Thus can you tell me and/or point me to a reference that will tell me how to accomplish my goal?
February 8, 2014 at 10:00 pm
Check security and see if the windows logins or groups exist there. If they do, then you have logins in SQL Server that are using windows authentication.
Next check under security under each database. If you have windows logins or groups there, then you have database users that are tied to windows authentication.
If in neither place, then you possibly have a table that has the logins to be used by the .Net application.
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
February 9, 2014 at 10:15 am
Great points by SQLRNNR. Also check the local administrators group on the server running SQL Server. Any user who is added to the local admin group, will be (by default) an admin on your SQL server (depending on how your SQL Server was originally configured). These "domain users" won't show up under the security folders on the server - they will show up as BUILTIN\Administrators
______________________________________________________________________________Never argue with an idiot; Theyll drag you down to their level and beat you with experience
February 10, 2014 at 7:18 am
Also check the local administrators group on the server running SQL Server. Any user who is added to the local admin group, will be (by default) an admin on your SQL server (depending on how your SQL Server was originally configured). These "domain users" won't show up under the security folders on the server - they will show up as BUILTIN\Administrators
This changed with SQL Server 2008: http://technet.microsoft.com/en-us/library/cc280562(v=sql.100).aspx
"By default, the local Windows Group BUILTIN\Administrator is no longer included in the SQL Server sysadmin fixed server role on new SQL Server 2008 installations."
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply