AW: Restricting CmdExec Rights to Sysadmin

From: Jens Mickerts (j.mickerts@bmp-si.de)
Date: 02/20/03

  • Next message: dave: "RE: [despammed] Defeating password cracking"
    Date: Thu, 20 Feb 2003 08:55:12 +0100
    From: "Jens Mickerts" <j.mickerts@bmp-si.de>
    To: <fh@rcs.urz.tu-dresden.de>
    
    

    Hi,

    have a look in the Books Online in MSDN. It should be possible to accomplish this using revoke, but I cannot give you the exact syntax. If you have plenty of time or a SQL Server installation you can revoke the rights using Enterprise Manager and run the Profiler while doing so. This will give you the Transact SQL Syntax you can use with the MSDN.

    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/acdata/ac_8_con_03_9rar.asp

    Regards,

    Jens Mickerts
      

    -----Ursprüngliche Nachricht-----
    Von: Frank Heyne [mailto:fh@rcs.urz.tu-dresden.de]
    Gesendet: Mittwoch, 19. Februar 2003 09:25
    An: focus-ms@securityfocus.com
    Betreff: Restricting CmdExec Rights to Sysadmin

    Hello,

    MBSA does say it is a problem on a machine which has no SQL Server,
    but MSDE installed: "To secure your database, you should only allow
    members of the sysadmin role to execute CmdExec and ActiveScripting
    job steps."

    Does anyone have any idea how to correct this problem?
    MBSA only has a solution for MS SQL Server, but the MSDE does not
    have an Enterprise Manager, and therefore the solution does not work.

    I did already google for "Restricting CmdExec Rights to Sysadmin",
    but got only 4 hits, none of them for the MSDE.

    Frank Heyne



    Relevant Pages

    • Re: Restricting CmdExec Rights to Sysadmin
      ... Restricting CmdExec Rights to Sysadmin ... > MBSA does say it is a problem on a machine which has no SQL Server, ... > but MSDE installed: "To secure your database, ...
      (Focus-Microsoft)
    • Restricting CmdExec Rights to Sysadmin
      ... MBSA does say it is a problem on a machine which has no SQL Server, ... MBSA only has a solution for MS SQL Server, but the MSDE does not ... I did already google for "Restricting CmdExec Rights to Sysadmin", ...
      (Focus-Microsoft)