I have a problem administering my sql server security, I suspect there are
several users with excessive permissions and they themselves are granting an
d
modifying permissions for other users, the problem is that I am not running
in C2 Audit mode, is there any other way to check which users have modified
permissions for other users in, lets say the last month or so?Hi
Unless you are running full transaction logging, and have the logs backed
up, you can't use any tools like LogPi www.lop.pi and Log Explorer
http://www.lumigent.com/products/le_sql.html to view what happened.
Regards
--
Mike Epprecht, Microsoft SQL Server MVP
Zurich, Switzerland
IM: mike@.epprecht.net
MVP Program: http://www.microsoft.com/mvp
Blog: http://www.msmvps.com/epprecht/
"i-DLT" <iDLT@.discussions.microsoft.com> wrote in message
news:11DF54D1-127C-4053-8EA4-3FE665BF4B0D@.microsoft.com...
>I have a problem administering my sql server security, I suspect there are
> several users with excessive permissions and they themselves are granting
> and
> modifying permissions for other users, the problem is that I am not
> running
> in C2 Audit mode, is there any other way to check which users have
> modified
> permissions for other users in, lets say the last month or so?
>|||Thx I downloaded LogPI Demo and will try to pinpoint where the security leak
is coming from. I also will turn on C2 Auditing on all of my instances.
Thx Mike
"Mike Epprecht (SQL MVP)" wrote:
> Hi
> Unless you are running full transaction logging, and have the logs backed
> up, you can't use any tools like LogPi www.lop.pi and Log Explorer
> http://www.lumigent.com/products/le_sql.html to view what happened.
> Regards
> --
> Mike Epprecht, Microsoft SQL Server MVP
> Zurich, Switzerland
> IM: mike@.epprecht.net
> MVP Program: http://www.microsoft.com/mvp
> Blog: http://www.msmvps.com/epprecht/
> "i-DLT" <iDLT@.discussions.microsoft.com> wrote in message
> news:11DF54D1-127C-4053-8EA4-3FE665BF4B0D@.microsoft.com...
>
>|||Hi,
If you enable the C2 Auditing please monitor your hard drive very closely.
Since C2 Audit will audit all actions in backend and wil cause
the trace file to grow heavily. THis will eat your hard drive and can even
cause downtime if you direct the trace file
to either data drive or system drive. So it is always good to allways direct
the trace to a un-used drive.
Thanks
Hari
SQL Server MVP
"i-DLT" <iDLT@.discussions.microsoft.com> wrote in message
news:C5DE8B75-5C3F-4DE3-87CC-9EEAA3786FCE@.microsoft.com...[vbcol=seagreen]
> Thx I downloaded LogPI Demo and will try to pinpoint where the security
> leak
> is coming from. I also will turn on C2 Auditing on all of my instances.
> Thx Mike
> "Mike Epprecht (SQL MVP)" wrote:
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment