In SQL Server, various users will need a login to perform different operations; some will need a place to upload all of there LOLCAT/icanhascheezburger images (as the image type of course) for safe keeping; others will need a place to store porn mpegs and inappropriate files on the C:\ drive of the server.
Question: How can you Make managing Security in SQL Server 2005 (and beyond) easier?
Answer: By upgrading to an earlier version.
First step is to make sure you use the SA login for ALL activity. This will keep you from having to field requests such as "I need read/write to such-and-such database(s)" or "I need xp_cmdshell access". Why screw around with actual work and help-desk tickets during the day when you can stare at Facebook or this blog all day? Utilizing the SA password for all users make sure you only have ONE login on the SQL instance and no need to track who has what permissions.
To manage the permissions, make "SA" stand for different things. For example, you give a junior developer read access to your production database. Tell him/her that "SA stands for 'Stricted Access' ". Then explain that the word "restricted" is deprecated in SQL Server, and the new terminology is 'Stricted.
If you have a more seasoned-resource who requires elevated privileges, tell them that SA means "Super Access" or "Specific Access".
Now comes managing the passwords--- you'll want to leave the password blank. BUT WAIT PINAL STEVE!!1! YOU CAN NOT HAS BLANK PASSWORD IN TEH SQL 2005 ! That's right, PINAL READER! You can not...So here's the solution:
Depending upon what flavor of geek you are, you'll need to acquire a time-machine. If you're like me, you'll want to go with either a Doc Brown/Michael J Fox (before he got "the shakes") Delorean. I drive a GTO with a modified Flux Capacitor, thereby eliminating the need to rent a time machine from Marty McShakeyHands.
You may also contact StarGate Command, Lt. Col. Samantha Carter, who can modify a Stargate in our galaxy for you by dialing a planet during a solar flare. If you're a stoner DBA OR a hippy DBA, you'll want to contact Rufus/Bill/Ted or Dr. Who, accordingly.
Travel back to the year 2000 and obtain SQL Server 2000 or 7.0, Enterprise edition. (Please note: If installing 7.0, please use the license key 11111-111-11111-111). Uninstall SQL Server 2005 by erasing the keys from the Registry, reboot, and install SQL Server 2000 or 7.0 (7.0 preferred).
From here, you can set up a BLANK password for the SA account. When handing the SA account to different users, tell them you've installed finger-print-sensitive keys on their laptop/desktop/smartphone, and that they only need touch the Tilde key (the one that has the '~' on it. Yes, it's called a tilde. It has a name). Tell them the secret finger-print password will be INVISIBLE to the naked eye. Press enter, and boom, they're logged in.
Hopefully this article will help you. If you need further help, this article can help you more.
No comments:
Post a Comment