Results 1 to 3 of 3

Thread: SQL Security

  1. #1
    Join Date
    Oct 2007
    Posts
    30

    Unanswered: SQL Security

    I have just started working for a new company, and am looking at the security set up on their database.

    It appears to me that whilst they have a table of Users, this has been designed for restrictions set in the front end of the database (VB) rather than to actually use SQL itself.

    In the SQL database, there is only actually one User created for the database, and the VB application uses a DSN set up on everyone’s desktop to access it via this one user.

    Hence if I wanted to log specific actions taken in the database, by the user who did them, I can’t really find the user, because sp_who and suchlike, only brings up the one user.

    Firstly, I wondered if it possible to see what sort of security there is on a database, is SQL Server mode, or mixed mode (using NT), is there a system stored procedure that will tell me that?

    And is there anyway that I can implement some sort of mixed mode, so I can obtain at least the users NT security log on, and be able to trace actions back to them?

  2. #2
    Join Date
    Oct 2007
    Posts
    30
    further to this, if i was to set up a new logon, using NT security, and then changed the DSN to look at this login, would I then be able to see who the NT login user was?

  3. #3
    Join Date
    Oct 2007
    Location
    Florida USA
    Posts
    2
    You can right click on sql server name and select properties under security tab it does show the type of security.

    sp_who should tell u the HostName and specific SPID with it, you can then see who is doing what. Kind of lenghty process but hostname and spid is the way to start if every one is using the same username to connect, in case some body delete any thing you can locate them using the computer name and smack them upside the head.

    You can use profiler to see who is sending what query.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •