how to allow tech to remote in to sbs 2008 server

I need to allow a programmer to remote onto my sbs 2008 server to work on a custom SQL application.  Should I set him up as an administrator, or use some other account?  If you could reply back with the best practice advice and also instruction on how to set him up: what to activate, what to not activate.
rodynetworkAsked:
Who is Participating?
 
SysExpertConnect With a Mentor Commented:
Remote control program like RDP, Free open source, but allows shared viewing  ( RDP  does not let you see what is happening at the console )

TightVNC, UltraVNC are both good.

test it and see.

0
 
thompsonwirelessCommented:
Don't allow anyone to use your administrator account.  Set up an account with admin rights and you can remove it or change the password if you want.  If you start changing admin passwords there's no telling what services and/or applications may stop working.
0
 
SysExpertCommented:
Only give him sufficient rights for what is actually needed.

If admin, then a New Admin account.

I would also key  an eye on what he is doing via VNC.

Do a system state backup at a minimum before giving access, and make sure your backups are all working properly.

I hope this helps !
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
rodynetworkAuthor Commented:
what is VNC?
0
 
thompsonwirelessCommented:
If he is a reputable DB administrator you may not have to babysit him.  When I left vendors into our server I don't care to watch over them.  I only want to know he did what he should have.  
0
 
Cliff GaliherCommented:
Answer has already been accepted, but I'll throw this out there:
Application programmers should not need access to the server *AT ALL.* I did software development in a previous life (including SQL development) and in my current live I've supervised many servers that host custom applications.
SQL Server is inherently a client-server application. An account can be given privileges in SQL server without getting any OS-level privileges, and all database work can be done remotely inclduing very intricate stored procedures, triggers, and other code-level procedures. The applicatoin should be using APIs that any SQL client install provides (whether they use ODBC or something more low-level) and thus server access is ultimately not required for any development work.
I cannot think, in all my years, where legitimate OS access was a required part of application development.
-Cliff
 
0
 
rodynetworkAuthor Commented:
Thanks cgaliher.  I am new to watching over my server.  I appreciate your input.  I will make sure I only give permission to access SQL and the development app.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.