Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
petek
Posting Yak Master
192 Posts |
 Posted - 2008-12-05 : 03:43:51
|
| Hi All, Firstly thank you for looking at this post.I have recently started a new job and have inherited a number of SQL servers ranging from 6.5 to 2005. I am in the process of securing the SQL Servers; the developers who created the majority of the users are not much help.I have a lot of users using... sysadmin, securityadmin, serveradmin, setupadmin, processadmin, diskadmin...rights and don’t believe they all need the level of access.I am looking for a script i can run to audit the SQL Server security if anybody knows of one, i would like to include the last time the user logged on the databases they have access, and password strength (this is a plus).This will be very very helpful and I would appreciate it a great deal and save me a lot of time with the 100+ servers with an endless number of databases.Kind RegardsPetekKind RegardsPete. |
|
|
sodeep
Master Smack Fu Yak Hacker
7174 Posts |
Posted - 2008-12-05 : 09:07:13
|
| You have to get third-Party tools from Redgate or Idera to do that. |
 |
|
|
darkdusky
Aged Yak Warrior
591 Posts |
Posted - 2008-12-05 : 10:53:53
|
| The microsoft stored procedure "sp_help_revlogin" will help with the password strengths. (You may need to download the proc).This is provided to transfer logons - it generates a script of logins. The passwords are encrypted.You can then search the output file this for key phrases, e.g:"FROM WINDOWS" (Windows Authentication)"WITH PASSWORD" (SQL Authentication)CHECK_POLICY=OFF (SQL Authentication created with-out enforcing password policy)This should help to focus on possibly weak logons. |
|
|
|
sodeep
Master Smack Fu Yak Hacker
7174 Posts |
Posted - 2008-12-05 : 11:04:56
|
| Use my script : It will also give you headsup:http://www.sqlteam.com/forums/topic.asp?TOPIC_ID=111918 |
|
|
|
petek
Posting Yak Master
192 Posts |
Posted - 2008-12-08 : 03:34:07
|
| thanks Sodeep....kind RegardsPete KKind RegardsPete. |
|
|
|
|
|
|
SQL Server Security Audit....