programming4us
           
 
 
SQL Server

SQL Server 2008 : Managing Security - Service Accounts and Permissions

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
12/7/2010 10:52:00 AM
A few changes have taken place in SQL Server 2008 starting with the Windows local groups that have been a component of SQL Server installs prior to SQL Server 2008. The groups are still created but rights are no longer granted in SQL Server for them. Accounts selected during the SQL Server install process for service startup are the only accounts that are granted rights in SQL Server.

To maintain a secure environment you should always run SQL Server services using the minimum amount of user rights. Additional permissions should not be granted to these accounts. It is recommended that a specific user account or domain account should be used for SQL Server services. Shared accounts should not be used. A Domain User account that does not have permissions as a Windows administrator is more appropriate for use with SQL Server services. Using the Network Service account for SQL Server services is not recommended since it is shareable. A Network Service account should only be considered if it can be ensured that no other services that use the account are installed on the computer.

Warning

Make sure that you are aware of which types of accounts are recommended for use with SQL Server services.

Figure 1 shows the SQL Server Services in the SQL Server Configuration Manager.

Figure 1. SQL Server Configuration Manager—Service Properties
Exercise . Get Familiar with the Sql Server Configuration Manager

We do not want to modify anything at this point but it is a good time to get familiar with the SQL Server Configuration Manager. Let’s take a look around:

  1. Open up the SQL Server Configuration Manager.

  2. Click on SQL Server Services as in Figure 4.14.

  3. Right-click on SQL Server Agent and click Properties.

  4. In the properties window on the Log-on tab click on the drop-down menu for Built-in account: and take a look at the available accounts.

  5. Now take a look on the Service tab and locate the Start Mode. Remember that at the time of install this service is disabled. This is where you would change the Start Mode in order to enable SQL Server Agent.

  6. Select the Cancel button to exit Properties.

  7. Exit the SQL Server Configuration Manager.

Domain Service Accounts versus Local Service Accounts

There are a few restrictions to which account types can be used by SQL Server services. There are a couple things to consider when selecting an account type to use with a SQL Server service.

If the service must access file shares or use link server connections to other SQL servers, using a minimally privileged Domain user account is the best option.

The Local service account is a built-in account with the same level of access to resources and objects as members of the Users group. The limited access of the local service account can help safeguard the system if individual services or processes are compromised.

You cannot use a Local Service account for SQL Server or SQL Server Agent.
Other -----------------
- SQL Server 2008 : Managing Security - Security and SQL Agent
- SQL Server 2008 : Implementing Transactions - Transaction Traps
- SQL Server 2008 : Implementing Transactions - Deadlocking
- SQL Azure Primer (part 4) - Creating Logins and Users
- SQL Azure Primer (part 3) - Connecting with SQL Server Management Studio
- SQL Azure Primer (part 2) - Configuring the Firewall
- SQL Azure Primer (part 1)
- SQL Server 2008 : Implementing Transactions - Locking
- SQL Server 2008 : Isolation Level Explained
- SQL Server 2008 : ACID
- SQL Server 2008 : Transactions Explained
- SQL server 2008 : Handling Errors (part 3)
- SQL server 2008 : Handling Errors (part 2)
- SQL server 2008 : Handling Errors (part 1)
- SQL Server 2008 : Indexing for Performance - Putting It All Together (part 5) - Filtered Indexes
- SQL Server 2008 : Indexing for Performance - Putting It All Together (part 4) - Indexing JOIN Criteria
- SQL Server 2008 : Indexing for Performance - Putting It All Together (part 3) - Covering Your Queries
- SQL Server 2008 : Indexing for Performance - Putting It All Together (part 2) - Clustered Index Seeks
- SQL Server 2008 : Indexing for Performance - Putting It All Together (part 1)
- SQL Server Integration Services : Logged and Nonlogged Operations
 
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
- First look: Apple Watch

- 3 Tips for Maintaining Your Cell Phone Battery (part 1)

- 3 Tips for Maintaining Your Cell Phone Battery (part 2)
programming4us programming4us