Solved

Ability to Apply Group Policy allowing access to SQL Enterprise management console

Posted on 2006-11-10
1
477 Views
Last Modified: 2013-12-03
I have a group of users who must be able to access the SQL Enterprise Management Console from their own machines to see DBs on the network. I only want them to be able to see just this console and not be able to open any other mmc. I do not see a specific extension console to enable in the GPO. Is there any way to do this without openning the whole flood gate of mmc consoles. i want to keep the environment restricted from this. Please HELP!!

0
Comment
Question by:pterranova13
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 17917992
Save the following (from and including "CLASS USER") as MMC-SQLSnapIn.adm (or whatever.adm), and import it into the group policy editor. You can then allow the SQL manager (you'll find the entry under "Additional Settings").
You might have to remove line breaks in the "MMC_Restrict_Explain" string.
Restrict_Run
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/regentry/93792.mspx?mfr=true

CLASS USER

CATEGORY !!AdditionalSettings
 CATEGORY !!MMC
  CATEGORY !!MMC_RESTRICT
   POLICY "SQL Enterprise Manager"
    KEYNAME "Software\Policies\Microsoft\MMC\{00100100-1816-11d0-8EF5-00AA0062C58F}"
    EXPLAIN !!MMC_Restrict_Explain
    VALUENAME "Restrict_Run"
    VALUEON NUMERIC 0
    VALUEOFF NUMERIC 1
   END POLICY
  END CATEGORY
 END CATEGORY
END CATEGORY

[strings]
AdditionalSettings="Additional Settings"
MMC="Microsoft Management Console"
MMC_RESTRICT="Restricted/Permitted snap-ins"
MMC_Restrict_Explain="Permits or prohibits use of this snap-in.\n\nIf you enable this setting, the snap-in is permitted. If you disable the setting, the snap-in is prohibited.\n\nIf this setting is not configured, the setting of the "Restrict users to the explicitly permitted list of snap-ins" setting determines whether this snap-in is permitted or prohibited.\n\n--  If "Restrict users to the explicitly permitted list of snap-ins" is enabled, users cannot use any snap-in except those explicitly permitted.\n\n    To explicitly permit use of this snap-in, enable this setting. If this setting is not configured (or disabled), this snap-in is prohibited.\n\n--  If "Restrict users to the explicitly permitted list of snap-ins" is disabled or not configured, users can use any snap-in except those explicitly prohibited.\n\n    To explicitly prohibit use of this snap-in, disable this setting. If this setting is not configured (or enabled), the snap-in is permitted.\n\nWhen a snap-in is prohibited, it does not appear in the Add/Remove Snap-in window in MMC. Also, when a user opens a console file that includes a prohibited snap-in, the console file opens, but the prohibited snap-in does not appear."
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question