Uptime Legal Systems
asked on
Allow or deny access to SQL server with Active Directory groups
Hello;
We're looking for a simple way to create a group in Active Directory (called, for example, SQLUsers), then ONLY allow any access to a particular SQL server/instance to that group.
This does not need to be granular, or per-database. Users not in this group should not have any access whatsoever to the SQL server, the instance or any database within it. So I'm not interested in fine-tuning LEVELS of access (that we'll leave to SQL itself and/or the application that uses SQL), this is just for simply allowing (or disallowing) basic connectivity to SQL Server.
Ideas? Thanks all.
We're looking for a simple way to create a group in Active Directory (called, for example, SQLUsers), then ONLY allow any access to a particular SQL server/instance to that group.
This does not need to be granular, or per-database. Users not in this group should not have any access whatsoever to the SQL server, the instance or any database within it. So I'm not interested in fine-tuning LEVELS of access (that we'll leave to SQL itself and/or the application that uses SQL), this is just for simply allowing (or disallowing) basic connectivity to SQL Server.
Ideas? Thanks all.
If this is a preexisting instance, I would also peruse what login principals are there, as you may want to explicitly deny login for those principals/remove them (however, be careful to make sure that you don't break any external tasks/SQL Agent Jobs that may run/access the instance in that context).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://stackoverflow.com/questions/5029014/how-to-add-active-directory-user-group-as-login-in-sql-server