Solved

guest User Access

Posted on 2014-03-18
3
360 Views
Last Modified: 2014-03-19
Hi,

Is there a query I can run to determine which permissions the guest account has? Would it be considered an exception if the guest has access to master, msdb, and tempdb?

Thanks!

--
Vic
0
Comment
Question by:VicBel
  • 2
3 Comments
 
LVL 39

Accepted Solution

by:
lcohan earned 250 total points
ID: 39938021
"You should not disable the guest user in the msdb database in SQL Server'

http://support.microsoft.com/kb/2539091

"how to find guest account is enabled or disabled sql server"
https://sites.google.com/site/jayantdass/how-to-find-guest-account-is-enabled-or-disabled-sql-server
0
 
LVL 69

Assisted Solution

by:ScottPletcher
ScottPletcher earned 250 total points
ID: 39938225
>> is there a query ... <<

Takes more of a mini-script, like below, to make sure you include all permissions that might have been given to the guest account:

USE msdb

DECLARE @guest_principal_id int
SELECT @guest_principal_id = principal_id
FROM sys.database_principals
WHERE
    name = 'guest'

SELECT *
FROM sys.database_permissions dp
WHERE
    dp.grantee_principal_id = @guest_principal_id

SELECT dp.name
FROM sys.database_role_members drm
INNER JOIN sys.database_principals dp ON
    dp.principal_id = drm.role_principal_id
WHERE
    drm.member_principal_id = @guest_principal_id


>> Would it be considered an exception if the guest has access to master, msdb, and tempdb? <<

No, and you don't want to remove "CONNECT" permission from guest to any of those databases (unless, I guess, you're absolutely certain you know what you're doing and that it won't cause an issue, but only a very experienced DBA should even try it).
0
 
LVL 69

Expert Comment

by:ScottPletcher
ID: 39940499
Hope this helped you out here.  Good luck on future qs.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to reset the password of the sa account on a Microsoft SQL Server.  The steps in this article work in SQL 2005, 2008, 2008 R2, 2012, 2014 and 2016.
This article shows gives you an overview on SQL Server 2016 row level security. You will also get to know the usages of row-level-security and how it works
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
Viewers will learn how the fundamental information of how to create a table.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now