Solved

sa role

Posted on 2009-05-15
3
437 Views
Last Modified: 2012-05-07
I am setting up security on a new SQL Server. In the Server Role I do not want anyone to have any permissions. However, I find that the default is the public role and that allows for Connect sa permission. Can some  please explain this to me. I know that sa is sequel authentication, but how does that effect server role security. In other words when I choose properties on one of the user logins they (by default) get sa connection as a server role. What does this mean?
Thanks
0
Comment
Question by:SeTech
  • 2
3 Comments
 
LVL 13

Expert Comment

by:St3veMax
ID: 24398871
'sa' is system administrator, a bit like Domain Admins in AD. It has control over everything.

You would NOT use this account for users to connect to, but you would create a new account (either Windows auth or SQL auth) and grant the permissions there.

HTH
0
 

Author Comment

by:SeTech
ID: 24399178
To be clear. i am looking in the Servers Role folder under Security in SSMS. In there are various roles, one of which is publc. Then when I check the properties of that role (public) it shows permission connect and grantor - sa. And that is the system administrator? And if yes I should change it to Deny. Because when I look into the properties of a login the default is public.
0
 
LVL 13

Accepted Solution

by:
St3veMax earned 500 total points
ID: 24399271
By default every account is made a member of the public role. If you change that to deny; should you need to connect with SA to correct some issue that's gone horribly wrong; you wont be able to.

I would leave those permissions alone as you dont really need to worry about those unless you give our the sa username and password for folks to connect with which I strongly advise against.

HTH
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

by Mark Wills Attending one of Rob Farley's seminars the other day, I heard the phrase "The Accidental DBA" and fell in love with it. It got me thinking about the plight of the newcomer to SQL Server...  So if you are the accidental DBA, or, simp…
This article explains how to reset the password of the sa account on a Microsoft SQL Server.  The steps in this article work in SQL 2005, 2008, 2008 R2, 2012, 2014 and 2016.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now