Distributing a hardened SQL Express 2014 Instance

I have an instance of SQL Express 2014 that I have hardened using the Security Technical Implementation Guide (STIG).  Now I have to ensure that my new and existing customers well over 100 of them get a hardened installation.

Going to each machine and spending 1-2 days implementing the STIG is not a viable solution.

My question is:
Is there a way to distribute my entire instance including all db's, triggers, stored procedures, users, roles, permissions etc?
PSCTECHAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David ToddSenior DBACommented:
Hi,

Can you a) script the hardening you have done, and b) add a backup of a template application database?

HTH
  David
0
PSCTECHAuthor Commented:
I can only script what I have done.  Unfortunately, there were other people who worked on this before it was given to me and they didn't save any scripts or provide any documentation of what they did.

Forgive my ignorance, but I don't understand what you mean by "add a backup of a template application database".
I'm not a DBA, this was just thrown in my lap.
0
David ToddSenior DBACommented:
Hi,

If your application uses one user database, then most of what you want will be in that database.

As for the other things your colleagues have done - you'll have to redo them as scripts. As per another thread, this is basic development discipline. Its okay to use the gui for one-offs, and for learning, but for repeatable things, tasks need to be scripted. Actually, now the GUI can be used and before applying generate the appropriate script.

In that sense its just like coding - you don't do something, you develop code that can be compiled and produce an executable.

See if using a contained database, which I believe came out in 2008R2 or maybe 2012, can help. Some of the other things - logins for instance - are contained within the database so when it moves from server to server it doesn't have orphaned users etc.

Regards
  David
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
PSCTECHAuthor Commented:
Thanks for the quick response and follow ups.  I appreciate your help with this matter.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft SQL Server

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.