SQL Server Forums
Profile | Register | Active Topics | Members | Search | Forum FAQ
 
Register Now and get your question answered!
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 General SQL Server Forums
 New to SQL Server Administration
 serious problem in linked server security
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

m.esteghamat
Starting Member

26 Posts

Posted - 10/29/2012 :  04:42:45  Show Profile  Reply with Quote
Hi
I created a linked server.
---------------------------------
type : sql server
local Login : login1
Remote user & remote password : (Case 1 : empty - Case 2 : = login1)
be made using this sequrity content : login1 passlogin1
---------------------------------
Problem :
Any login in server1 (that server has linked server) has all access on linked server (all databases on it)!!!!!!
that means : if any user with least access, knows only knows linked server name and a database name on it, it can select any data from that database whitout any formal access.
please help me. I should protect linked server data, from local user in server1.
thank you.

Edited by - m.esteghamat on 10/29/2012 04:49:19

visakh16
Very Important crosS Applying yaK Herder

India
52317 Posts

Posted - 10/29/2012 :  10:17:44  Show Profile  Reply with Quote
depends on whats the credential to which users are mapped into in linked server

------------------------------------------------------------------------------------------------------
SQL Server MVP
http://visakhm.blogspot.com/

Go to Top of Page

m.esteghamat
Starting Member

26 Posts

Posted - 10/31/2012 :  03:11:36  Show Profile  Reply with Quote
that was very short, Please desc it more.
Go to Top of Page

m.esteghamat
Starting Member

26 Posts

Posted - 11/11/2012 :  05:20:43  Show Profile  Reply with Quote
Hi again
How do I control mapped user to linked server?
Go to Top of Page

Bustaz Kool
Flowing Fount of Yak Knowledge

USA
1754 Posts

Posted - 11/13/2012 :  18:35:38  Show Profile  Reply with Quote
If you right-click on your linked server inside SSMS and bring up the Properties->Security, there are a variety of ways to limit/define the security. You can define an explicit list of people who can make use of the linked server. You can define an explicit login to use; this login could have few or many rights depending on your objective. You can define it so that each user uses their own security context in wich case the amount of trouble they can get into is limited by the set of rights they have been granted. You can also define it so that they login using no security context. I have no idea what that option actually means.

=================================================
We are far more concerned about the desecration of the flag than we are about the desecration of our land. -Wendell Berry
Go to Top of Page

Lumbago
Norsk Yak Master

Norway
3271 Posts

Posted - 11/14/2012 :  06:58:59  Show Profile  Reply with Quote
I don't see the big problem, why can't you just map the local user to a remote account that has limited privileges...? ->

"For a login not defined in the list above, connections will:"
a) Not be made
b) Be made using this security context

- Lumbago
My blog-> http://thefirstsql.com
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
SQL Server Forums © 2000-2009 SQLTeam Publishing, LLC Go To Top Of Page
This page was generated in 0.05 seconds. Powered By: Snitz Forums 2000