rodynetwork
asked on
how to allow tech to remote in to sbs 2008 server
I need to allow a programmer to remote onto my sbs 2008 server to work on a custom SQL application. Should I set him up as an administrator, or use some other account? If you could reply back with the best practice advice and also instruction on how to set him up: what to activate, what to not activate.
Don't allow anyone to use your administrator account. Set up an account with admin rights and you can remove it or change the password if you want. If you start changing admin passwords there's no telling what services and/or applications may stop working.
Only give him sufficient rights for what is actually needed.
If admin, then a New Admin account.
I would also key an eye on what he is doing via VNC.
Do a system state backup at a minimum before giving access, and make sure your backups are all working properly.
I hope this helps !
If admin, then a New Admin account.
I would also key an eye on what he is doing via VNC.
Do a system state backup at a minimum before giving access, and make sure your backups are all working properly.
I hope this helps !
ASKER
what is VNC?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If he is a reputable DB administrator you may not have to babysit him. When I left vendors into our server I don't care to watch over them. I only want to know he did what he should have.
Answer has already been accepted, but I'll throw this out there:
Application programmers should not need access to the server *AT ALL.* I did software development in a previous life (including SQL development) and in my current live I've supervised many servers that host custom applications.
SQL Server is inherently a client-server application. An account can be given privileges in SQL server without getting any OS-level privileges, and all database work can be done remotely inclduing very intricate stored procedures, triggers, and other code-level procedures. The applicatoin should be using APIs that any SQL client install provides (whether they use ODBC or something more low-level) and thus server access is ultimately not required for any development work.
I cannot think, in all my years, where legitimate OS access was a required part of application development.
-Cliff
Application programmers should not need access to the server *AT ALL.* I did software development in a previous life (including SQL development) and in my current live I've supervised many servers that host custom applications.
SQL Server is inherently a client-server application. An account can be given privileges in SQL server without getting any OS-level privileges, and all database work can be done remotely inclduing very intricate stored procedures, triggers, and other code-level procedures. The applicatoin should be using APIs that any SQL client install provides (whether they use ODBC or something more low-level) and thus server access is ultimately not required for any development work.
I cannot think, in all my years, where legitimate OS access was a required part of application development.
-Cliff
ASKER
Thanks cgaliher. I am new to watching over my server. I appreciate your input. I will make sure I only give permission to access SQL and the development app.