Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion Groups
DB Engine
SQL ServerMSDESQL Server CE
Services
Analysis (Data Mining)Analysis (OLAP)DTSIntegration ServicesNotification ServicesReporting Services
Programming
CLRConnectivitySQLXML
Other Technologies
ClusteringEnglish QueryFull-Text SearchReplicationService Broker
General
Data WarehousingPerformanceSecuritySetupSQL Server ToolsOther SQL Server Topics
DirectoryUser Groups
Related Topics
MS AccessOther DB ProductsMS Server Products.NET DevelopmentVB DevelopmentJava DevelopmentMore Topics ...
SQL Server Forum / General / Other SQL Server Topics / October 2005

Tip: Looking for answers? Try searching our database.

Server Group Registration issue

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Vetle - 28 Oct 2005 13:31 GMT
Hi.

I'm relatively new to SQL Server, and I've come across a problem I can't
seem to solve.

I have several SQL Servers running in our network. We recently implemented a
new system for Human Resources Dept, which contain lots of sensitive personal
data.

I use SQL Server authentication only to access the data through Enterprise
Manager (EM). By accident though, I found out that if I log on to any other
SQL Server in the network I can open EM and create a New Server Group
Registration, select the new SQL Server and "bang" I have access to all the
tables without being prompted for any passwords. All the servers in the
network are logged on with admin users.

As you might have guessed by now, I'm not heavily into security issues. Is
there anyone who can advise me on how to solve this issue?

Thanks.
Reply to this Message
Sue Hoegemeier - 28 Oct 2005 15:29 GMT
Did you register these servers using Windows Authentication?
If you didn't enter any user, password then that's how you
are authenticating so the permissions you have are based on
the Windows groups, accounts that have access.
By default, when you install SQL Server a group
BUILTIN\Administrators is added to the logins. This group
would be the members of the local admins group on the box
where SQL Server is installed. The group by default is a
member of the sysadmins server role in SQL Server. So anyone
who is an administrator on the box will have sysadmin access
in SQL Server.

-Sue

>Hi.
>
[quoted text clipped - 16 lines]
>
>Thanks.
Reply to this Message
Vetle - 31 Oct 2005 08:30 GMT
Hi Sue!

Thanks for your respons.

I did register all these servers using the sa user if that's what you mean.
However, I wasn't aware of the Builtin\Administrator. Denying access to this
login solved my problem. I'll soon find out if this results in any new
problems.

Thank you so much Sue.

Vetle

> Did you register these servers using Windows Authentication?
> If you didn't enter any user, password then that's how you
[quoted text clipped - 30 lines]
> >
> >Thanks.
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2010 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.