Does SQL Server 2000 Enterprise Edition have any built-in security features
for account management, such as logging user logins and locking an account w
hen a user uses the wrong password X number of times. If there is no built i
n functionality, has anyone
implemented these kinds of security features?
Thanks,
KatieThe only thing that SQL has is auditing for successfull and failed logins.
To protect your SQL Server and/or restrict access to it, you could put it
behind ISA server and only allow certain computers to connect.
We don't check for NT policies on password attempts.
Thanks,
Kevin McDonnell
Microsoft Corporation
This posting is provided AS IS with no warranties, and confers no rights.|||Hi! The functionality you are looking for (account lockouts) is already avai
lable on the OS side which I think is why it is no longer built into SQL Ser
ver. Just use Windows authentication if you need this functionality, but of
course you already knew tha
t..... HTH. =)|||Ricky - With the OS security, it can detect when someone tries to access SQL
Server with a SQL login and fails? I am not so worried about Windows logins
, but I want to prevent people opening up QA and trying to run a script on a
database using their appli
cation's SQL login.
Kevin - I found the SQL Server security feature on the Security tab of Serve
r Properties in EM, and I have checked the box to audit failed logins, but w
here do the failed logins get logged?
Thanks for all your help guys!|||Failed logins would be logged to the SQL Errorlogs and the NT Application
Event log. But you'll need to restart MSSQLServer to enable the changes.
Thanks,
Kevin McDonnell
Microsoft Corporation
This posting is provided AS IS with no warranties, and confers no rights.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment