Results 1 to 3 of 3
  1. #1
    Join Date
    Aug 2010

    Unanswered: MSSQL Database Security issue

    Hi Everyone,

    i have a MSSQL database server 2008, which is used and can be connected by my software developers for the development process. They all are using 'sa' account.
    but i want to make one database where i can put my confidential info, and i want that database to be inaccessible to my developers.

    how can i achieve that? Please describe me in steps so that i can follow easily.

    Thank you Very much

  2. #2
    Join Date
    Jan 2007
    Provided Answers: 10
    Don't let them use the sa account!

    • Create new SQL login for them to use
    • Add them as windows authenticated users
    • Add them to an AD group and grant the AD group access
    Home | Blog

  3. #3
    Join Date
    Jan 2003
    Provided Answers: 11
    NEVER give away sysadmin rights on a server. Neither should an application user have sysadmin rights, or an application run as sysadmin. These are horribly bad security practices

    Developers at most should only have db_owner rights on the database(s) they are developing in.

    If you are in a windows domain, use the following steps (elaborated from above)

    1) In SQL Server Management Studio, create a new windows authenticated login on SQL Server from their Windows Login.
    2) Under User Mappings, select the database they need to work in, and the db_owner role.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts