  1. #1

    SQL Server 2000 Windows Authentication

    Hi everyone,

    I have a security issue with Windows authentication in SQL Server 2000 that I am trying to address, and I am not having much luck with it.

    I am running a database at a client site, and I do not want the local network admin to be able to view and edit my DB's schema. Currently, an admin can open Enterprise Manager and view the DB schema. Also, if he wants to open Query Analyzer, all he has to do is select Windows authentication instead of SQL Server authentication and he can completely bypass the password. Is there any way around this to ensure that only those who know the server password can view the schema?

    Thanks,
    Andrei

  2. #2
    In Enterprise Manager, connect to the server and under Security, Logins look at the Windows authenticated IDs. I can't remember exactly, but one of them will be Admin or ServerAdmin. This relates to the Server Administrators. Once this account is removed, your Server Admins can no longer gain access via Windows Authentication.
    Paul Young
    (Knowledge is power! Get some!)

  3. #3
    try removing or disabling builtin\administrators

  4. #4
    Bingo! I never can remember that one. Thanks!
    Paul Young
    (Knowledge is power! Get some!)

  5. #5
    Thanks, that worked.

  6. #6
    Hi,

    Originally posted by wilso_s
    try removing or disabling builtin\administrators
    While this will work, removing BUILTIN\Administrators is not a trivial thing to do. Ensure that jobs are owned by sa, or you will run into problems. Also, you may want to read http://www.support.microsoft.com/?id=263712

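The procedure posts #3 and #6 describe (check job ownership first, then disable or remove the BUILTIN\Administrators login), as an added T-SQL script for SQL Server 2000 that is not from any poster in this thread. It assumes you run it in Query Analyzer over a SQL Server authenticated sysadmin connection (so the login you are removing is not the one you are connected with), and that the SQL Server and SQL Server Agent service accounts already have their own logins rather than relying on the Administrators group.

```sql
-- Added example (not from the thread). Run as a SQL-authenticated sysadmin (e.g. sa).
USE master
GO

-- 1. Confirm the Windows group login exists and what it currently holds.
SELECT name, sysadmin, denylogin
FROM   master..syslogins
WHERE  name = N'BUILTIN\Administrators'
GO

-- 2. A job owned by a login that disappears will fail to run (post #6).
--    List every job that is not owned by sa before touching the login.
SELECT j.name, SUSER_SNAME(j.owner_sid) AS owner_login
FROM   msdb..sysjobs j
WHERE  SUSER_SNAME(j.owner_sid) IS NULL
   OR  SUSER_SNAME(j.owner_sid) <> N'sa'
GO

-- 3. Reassign those jobs to sa, as the thread advises.
DECLARE @job sysname
DECLARE jobs CURSOR LOCAL FAST_FORWARD FOR
    SELECT name FROM msdb..sysjobs
    WHERE  SUSER_SNAME(owner_sid) IS NULL
       OR  SUSER_SNAME(owner_sid) <> N'sa'
OPEN jobs
FETCH NEXT FROM jobs INTO @job
WHILE @@FETCH_STATUS = 0
BEGIN
    EXEC msdb..sp_update_job @job_name = @job, @owner_login_name = N'sa'
    FETCH NEXT FROM jobs INTO @job
END
CLOSE jobs
DEALLOCATE jobs
GO

-- 4a. "Disabling": keep the login but refuse Windows connections through it.
EXEC sp_denylogin N'BUILTIN\Administrators'
GO

-- 4b. "Removing": drop the login entirely. Use instead of 4a if you want it gone.
-- EXEC sp_revokelogin N'BUILTIN\Administrators'
-- GO

-- 5. Verify which logins still hold sysadmin; the group should be denied or absent.
SELECT name, isntgroup, sysadmin, denylogin
FROM   master..syslogins
WHERE  sysadmin = 1
GO
```

Keep in mind that a local Administrator can still reach the data by other routes (copying the .mdf files, restoring a backup, or re-adding a login with the service account), so this closes the Windows-authentication door, not the server itself.
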
  7. #7
    I would disagree. One of the first things we do in my shop is delete this account. All jobs are owned by sa.
    Paul Young
    (Knowledge is power! Get some!)

  8. #8
    Hi Paul,

    Originally posted by Paul Young
    I would disagree. One of the first things we do in my shop is delete this account. All jobs are owned by sa.
    The first time I wanted to delete this account was with SQL 7 on NT4 SP6. It took me quite a long time to figure out why jobs kept failing. In fact, we had to apply SP6a.

    After taking a close look at the NT groups on the SQL machine, I kicked out every normal user or developer who was a member of this or that admin group for convenience reasons, and I have left BUILTIN\Administrators untouched since then.

    I might change my opinion if I had to ship my apps.

    Don't you trust your admins?

  9. #9
    Not any further than I can throw them.

    Do you let anyone look at sensitive or confidential information?
    Paul Young
    (Knowledge is power! Get some!)

  10. #10
    Hi Paul,

    Originally posted by Paul Young
    Not any further than I can throw them.

    Do you let anyone look at sensitive or confidential information?
    I'm responsible for the SQL Server that keeps our financial transactions (equity and bond trades and stuff like that). That means the database and the GUI to access the data. I am backed by the full faith of the CEO, CFO and so on. Security is a great issue for them. Only a handful of people have access to this information (and even fewer will understand it ;-)). I am only local admin on this machine and my box. I do trust my domain admin, because I have little insight into the OS and network stuff. But I don't trust our developers (sorry, no harm to anyone!). If you work heavily with NT groups, somewhere in time someone gets added to some group for convenience reasons, and if you don't remove him right after he has finished his job, you'll forget him. It drove me crazy for some two weeks that I couldn't figure out why a developer had access to my server, although he didn't have a SQL Server login. That was the time when I played around with BUILTIN\Administrators. Recently, I discovered he was a member of a SQL maintenance group with local admin rights to the server. We kicked him off and now I can sleep well again.

    If you cannot trust your domain admins, I think you have more severe problems than them looking at confidential data.
