Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 SQL Server 2012 Forums
 SQL Server Administration (2012)
 unnecessary permission

Author  Topic 

noamg
Posting Yak Master

215 Posts

Posted - 2013-10-01 : 06:42:17
Hi,
for security reasons, I have to remove the un-used permission.
How I can know what to revoke ?


Noam Graizer

James K
Master Smack Fu Yak Hacker

3873 Posts

Posted - 2013-10-01 : 09:37:44
You have to first define what permissions are required for each login/user/group. Then remove any unnecessary permissions.

My approach usually is to grant no permissions to anyone, and then add permissions only as needed. Most end-user logins/groups would only have public role at the server level and access to only the databases they need. In those databases, they would be granted access (usually execute permissions) to the stored procedures they need. You can create roles and grant them membership in those roles to manage the permissions for a group of users.
Go to Top of Page
   

- Advertisement -