Skip to main content

Posts

Showing posts from September, 2017

Uptight Database Security

If you need a practical approach to managing database administrator access without always granting the sysadmin role to your database administrators then I encourage you to vote for my GroupBy session for the December lineup.  https://groupby.org/conference-session-abstracts/uptight-database-security/ As the SQL Server security model has become more granular, it is now easier to do routine database administration without sysadmin access.  Starting with SQL Server 2005,  administering SQL Server without sysadmin access is now possible for many of the typical DBA tasks. For example, a DBA only needs the ALTER SETTINGS permission to use the sp_configure command on a database instance. To run SELECT queries on Database Management Views requires either VIEW SERVER STATE or VIEW DATABASE STATE depending on the DMV being queried. To use Query Store requires only VIEW DATABASE STATE. CONTROL SERVER can be granted to DBAs that allows them to do almost all the tasks that sysadmin al