asked on

GUEST account in SQL Server

If you know that server level logins to a specific SQL Server instance are all trusted/authorised staff, then is there any risk at all in enabling the GUEST account on certain user databases. My understanding of GUEST was its not "anyone in the network", you need to already be a SQL server level login anyway, hence if they are all authorised, is there any risk whatsoever in leaving GUEST enabled on these databases?

Vitor Montalvão

you need to already be a SQL server level login anyway,

Not true. The GUEST means anybody with no login will use GUEST login to access the SQL Server instance. There's a reason for why Microsoft disable this account by default. Enable it at your own risk.

ASKER CERTIFIED SOLUTION

microhead

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Timoros

You should not enable the Guest account for access in you SQL server.
It's better to create an account to access your databases and give it to the users that you want to have access.

Pau Lo

ASKER

So a user with literally no access to the SQL Server whatsoever can access the database via the GUEST account?

Pau Lo

ASKER

top 2 respones some to contradict one another...

Vitor Montalvão

Sorry, my comment was wrong. Guest account can be used by any existing SQL Server Login. So, if the Guest has more rights than another SQL Server Login it can be used to perform not permissioned actions.

draes

Same here. Any SQL user not mapped to a specific database. could use the guest account to gain access

EugeneZ

you have everything what you need to know about
"Guest" sql user
from microhead post
as it said:
"guest" is sql server "default" built-in feature for master, msdb, and tempb system databases:
do not worry about these system DBS
Just delete from user DBS ( including from model if you have)