SQL Server Security Audit Report
If you don't have third party tools and need to go through many servers to provide this information it can be a hassle and very time consuming. So I put together a script to generate a report that I could just review. The script generates a report of all elevated level accounts and any possible security holes.
Solution
The script that I created does the following:
Lists who has 'sa' permissions
List which accounts have local administrator access
Lists type of logins that are used
Individual NT Login
Individual SQL Login
NT Group Login
If NT groups are being used a list of who is in the groups
Checks to see if any Windows accounts that are in SQL Server no longer exist
The last part shows if any user is using database roles and which roles
With a combination of Windows system commands and T-SQL, you can pull this information easily. This script works for SQL 2000, SQL 2005 and SQL 2008.
Please click this link you find more stuff for above Questions in SQLDBA.
http://www.mssqltips.com/tip.asp?tip=1881
Regards,
Uday.A
Solution
The script that I created does the following:
Lists who has 'sa' permissions
List which accounts have local administrator access
Lists type of logins that are used
Individual NT Login
Individual SQL Login
NT Group Login
If NT groups are being used a list of who is in the groups
Checks to see if any Windows accounts that are in SQL Server no longer exist
The last part shows if any user is using database roles and which roles
With a combination of Windows system commands and T-SQL, you can pull this information easily. This script works for SQL 2000, SQL 2005 and SQL 2008.
Please click this link you find more stuff for above Questions in SQLDBA.
http://www.mssqltips.com/tip.asp?tip=1881
Regards,
Uday.A
Labels: Sql server2005/ 2008/2000 and SSRS, SQLDBA, SSAS, SSIS
posted by Uday Bhaskar at
December 14, 2009
|
1 Comments
