Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion Groups
DB Engine
SQL ServerMSDESQL Server CE
Services
Analysis (Data Mining)Analysis (OLAP)DTSIntegration ServicesNotification ServicesReporting Services
Programming
CLRConnectivitySQLXML
Other Technologies
ClusteringEnglish QueryFull-Text SearchReplicationService Broker
General
Data WarehousingPerformanceSecuritySetupSQL Server ToolsOther SQL Server Topics
DirectoryUser Groups
Related Topics
MS AccessOther DB ProductsMS Server Products.NET DevelopmentVB DevelopmentJava DevelopmentMore Topics ...
SQL Server Forum / General / Security / November 2007

Tip: Looking for answers? Try searching our database.

ss2000 account lockout

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Jason - 27 Nov 2007 15:56 GMT
Google wasn’t cooperating today.
I’m 95% sure the answer is no, maybe I’m just in denial.  SS2000 does not
provide the ability to lock a user account after x number of failed logins,
correct?  I see that I can turn auditing on in the security tab though, but
that just adds an entry to the windows application log.
Reply to this Message
Russell Fields - 27 Nov 2007 16:23 GMT
Jason, Correct.  That feature was added in SQL Server 2005. - RLF

> Google wasn't cooperating today.
> I'm 95% sure the answer is no, maybe I'm just in denial.  SS2000 does not
[quoted text clipped - 3 lines]
> but
> that just adds an entry to the windows application log.
Reply to this Message
Jason - 27 Nov 2007 18:14 GMT
thanks

> Jason, Correct.  That feature was added in SQL Server 2005. - RLF
>
[quoted text clipped - 5 lines]
> > but
> > that just adds an entry to the windows application log.
Reply to this Message
Sean McCown - 27 Nov 2007 19:09 GMT
Correct.  SQL2K doesn't have that ability.
For that, switch to Yukon or higher.

> Jason, Correct.  That feature was added in SQL Server 2005. - RLF
>
[quoted text clipped - 5 lines]
> > but
> > that just adds an entry to the windows application log.
Reply to this Message
Uri Dimant - 28 Nov 2007 06:38 GMT
Russell
> Jason, Correct.  That feature was added in SQL Server 2005.

Do  you mean to create for logon trigger?

> Jason, Correct.  That feature was added in SQL Server 2005. - RLF
>
[quoted text clipped - 5 lines]
>> but
>> that just adds an entry to the windows application log.
Reply to this Message
Russell Fields - 28 Nov 2007 13:34 GMT
Uri,

No, I was talking about the SQL Server adopting Windows policy rules for
automatic lockout of a login after too many failed login attempts.  SQL
Server 2005 running on Windows 2003 will adopt Windows logins policies as
the definition for password complexity, login lockout, etc.

Of course, the logon trigger is also new with 2005.

Russell

> Russell
>> Jason, Correct.  That feature was added in SQL Server 2005.
[quoted text clipped - 11 lines]
>>> but
>>> that just adds an entry to the windows application log.
Reply to this Message
Uri Dimant - 28 Nov 2007 14:11 GMT
Hmm, I did not see that feature in real life yet. So, after a few attempts
Login will be locked automatically , how do you unlock it?

> Uri,
>
[quoted text clipped - 22 lines]
>>>> but
>>>> that just adds an entry to the windows application log.
Reply to this Message
Richard Mueller [MVP] - 28 Nov 2007 14:30 GMT
Same as in AD. Either wait for the lockout duration or have an admin unlock
the account for you. Once the AD account is unlocked you can authenticate to
SQL Server.

Signature

Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--

> Hmm, I did not see that feature in real life yet. So, after a few attempts
> Login will be locked automatically , how do you unlock it?
[quoted text clipped - 25 lines]
>>>>> though, but
>>>>> that just adds an entry to the windows application log.
Reply to this Message
Russell Fields - 28 Nov 2007 14:34 GMT
Uri,

From the SSMS Login Properties / Status tab, click the Enabled radio button.

From TSQL:  ALTER LOGIN LoginName ENABLE

RLF

> Hmm, I did not see that feature in real life yet. So, after a few attempts
> Login will be locked automatically , how do you unlock it?
[quoted text clipped - 25 lines]
>>>>> though, but
>>>>> that just adds an entry to the windows application log.
Reply to this Message
Russell Fields - 28 Nov 2007 14:35 GMT
Also, according to Windows policy settings, when the lockout time period
elapses it will be automatically enabled.

RLF
> Hmm, I did not see that feature in real life yet. So, after a few attempts
> Login will be locked automatically , how do you unlock it?
[quoted text clipped - 25 lines]
>>>>> though, but
>>>>> that just adds an entry to the windows application log.
Reply to this Message
Uri Dimant - 28 Nov 2007 14:45 GMT
Russell and Richard
Thank you

> Also, according to Windows policy settings, when the lockout time period
> elapses it will be automatically enabled.
[quoted text clipped - 29 lines]
>>>>>> though, but
>>>>>> that just adds an entry to the windows application log.
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2009 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.