Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
AskSQLTeam
Ask SQLTeam Question
0 Posts |
 Posted - 2005-03-10 : 07:43:18
|
| mike writes "Is there a script that one can use or write that can test if any user can use the SQL default Systems Accounts(SA) to login into SQL or database not authorize.Here is my problem:(Sarbanes-Oxley) Would like to know if ordinary users can access my default UID like SA Account. and they will like to use a sample to prove otherwise. I would like to use a sample of about 20 database user to attemt to login into databases using using SA ID. I would like to capture the result of their attemps; showing if the can or can't access SQL server with SA account. The reason i like to use a script is to make life easy for me and the sample users. With the script they don;t have to type but cut and paste. On the script i would also like the script to show the name of the user that is logon e.g NET USERNAME from the command Prompt.Thanks for your cooperationMike" |
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2005-03-10 : 07:45:11
|
| Instead of auditing whether users can use SA, DO NOT ALLOW THEM TO USE IT.This is easy: change the SA password to something random, and DO NOT communicate it to ANYONE. In fact, it's a good idea to change the SA password frequently. If it breaks an application, well, that application was already broken by using SA in the first place. SA should NEVER be used for any applications, and if it were used then all the auditing and testing in the world won't protect you. |
 |
|
|
|
|
|
Default SQL UID( SA, Guest)