Please start any new threads on our new site at We've got lots of great SQL Server experts to answer whatever question you can come up with.

Our new SQL Server Forums are live! Come on over! We've restricted the ability to create new threads on these forums.

SQL Server Forums
Profile | Active Topics | Members | Search | Forum FAQ
Save Password
Forgot your Password?

 All Forums
 General SQL Server Forums
 New to SQL Server Administration
 serious problem in linked server security
 Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

Starting Member

47 Posts

Posted - 10/29/2012 :  04:42:45  Show Profile  Reply with Quote
I created a linked server.
type : sql server
local Login : login1
Remote user & remote password : (Case 1 : empty - Case 2 : = login1)
be made using this sequrity content : login1 passlogin1
Problem :
Any login in server1 (that server has linked server) has all access on linked server (all databases on it)!!!!!!
that means : if any user with least access, knows only knows linked server name and a database name on it, it can select any data from that database whitout any formal access.
please help me. I should protect linked server data, from local user in server1.
thank you.

Edited by - m.esteghamat on 10/29/2012 04:49:19

Very Important crosS Applying yaK Herder

52326 Posts

Posted - 10/29/2012 :  10:17:44  Show Profile  Reply with Quote
depends on whats the credential to which users are mapped into in linked server

SQL Server MVP

Go to Top of Page

Starting Member

47 Posts

Posted - 10/31/2012 :  03:11:36  Show Profile  Reply with Quote
that was very short, Please desc it more.
Go to Top of Page

Starting Member

47 Posts

Posted - 11/11/2012 :  05:20:43  Show Profile  Reply with Quote
Hi again
How do I control mapped user to linked server?
Go to Top of Page

Bustaz Kool
Flowing Fount of Yak Knowledge

1834 Posts

Posted - 11/13/2012 :  18:35:38  Show Profile  Reply with Quote
If you right-click on your linked server inside SSMS and bring up the Properties->Security, there are a variety of ways to limit/define the security. You can define an explicit list of people who can make use of the linked server. You can define an explicit login to use; this login could have few or many rights depending on your objective. You can define it so that each user uses their own security context in wich case the amount of trouble they can get into is limited by the set of rights they have been granted. You can also define it so that they login using no security context. I have no idea what that option actually means.

We are far more concerned about the desecration of the flag than we are about the desecration of our land. -Wendell Berry
Go to Top of Page

Norsk Yak Master

3271 Posts

Posted - 11/14/2012 :  06:58:59  Show Profile  Reply with Quote
I don't see the big problem, why can't you just map the local user to a remote account that has limited privileges...? ->

"For a login not defined in the list above, connections will:"
a) Not be made
b) Be made using this security context

- Lumbago
My blog->
Go to Top of Page
  Previous Topic Topic Next Topic  
 Reply to Topic
 Printer Friendly
Jump To:
SQL Server Forums © 2000-2009 SQLTeam Publishing, LLC Go To Top Of Page
This page was generated in 0.03 seconds. Powered By: Snitz Forums 2000