Re: How to use EFS to encrypt SQL DB file
From: Donna Lambert [MS] (dlambert@online.microsoft.com)
Date: 05/09/02
- Next message: Hlin: "SQL Agent"
- Previous message: Chris Beardsley: "Security infrastructure plan"
- In reply to: Jacky Wong: "Re: How to use EFS to encrypt SQL DB file"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: dlambert@online.microsoft.com (Donna Lambert [MS]) Date: Thu, 09 May 2002 17:14:48 GMT
Open Services, find the MSSQLServer service. View the properties. View
the Log On tab. You want to make sure that SQL is starting here with an
account that has the right to decrypt the mdf file. Usually the best bet
is to make sure it's an administrator. Also it will need additional
rights. You can find out more about these in Books Online, but basically
you'll need Act as part of the OS, Log on as a service, Log on as a batch
job, and replace a process level token. Those are just the basics, if you
are doing other things, more rights might be required.
Anyway, hope that helps.
Donna Lambert
Microsoft SQL Server Support
Disclaimer:
This posting is provided “AS IS” with no warranties, and confers no rights.
Are you secure? For information about the Microsoft Strategic Technology
Protection Program and to order your FREE Security Tool Kit, please visit
http://www.microsoft.com/security.
Recent viruses on the Internet underscore the threat to all computer users
and highlight challenges facing the entire industry in providing security
that everyone needs to conduct business. I encourage you to sign up to
receive automatic notification of Microsoft Security Bulletins by visiting
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/notify.asp. For more information on security, our Strategic
Technology Protection Program and to order your FREE Security Tool Kit,
please visit http://www.microsoft.com/security. We will be happy to answer
any questions or provide assistance with your security needs.
--------------------
| Content-Class: urn:content-classes:message
| From: "Jacky Wong" <jackywong@solutionexpert.com.hk>
| Sender: "Jacky Wong" <jackywong@solutionexpert.com.hk>
| References: <1ab201c1f709$ab296e30$9be62ecf@tkmsftngxa03>
<esXSIMx9BHA.2196@tkmsftngp04>
| Subject: Re: How to use EFS to encrypt SQL DB file
| Date: Thu, 9 May 2002 00:06:26 -0700
| Lines: 23
| Message-ID: <19d201c1f728$094824c0$39ef2ecf@TKMSFTNGXA08>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="iso-8859-1"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
| Thread-Index: AcH3KAlI9zAb26LrSQ2CgkTrvhKS0g==
| Newsgroups: microsoft.public.sqlserver.security
| Path: cpmsftngxa07
| Xref: cpmsftngxa07 microsoft.public.sqlserver.security:5726
| NNTP-Posting-Host: TKMSFTNGXA08 10.201.226.36
| X-Tomcat-NG: microsoft.public.sqlserver.security
|
| Thank you very much for your reply. I have try to read the
| SQL server help for the Service account topic but I still
| don't understand how to set it. Is there any hint
| available? Many thanks.
| Best Regards,
| Jacky
| >-----Original Message-----
| > Please make sure that the Service account is also
| authorized to access
| >the encrypted files. You can do this from Windows
| Explorer for instance.
| >Without this, only the recovery agents & the user who
| encrypted the file can
| >decrypt it. See the NT docs for more details.
| >
| >--
| >Umachandar Jayachandran
| >SQL Resources at http://www.umachandar.com/resources.htm
| >( Please reply only to newsgroup. )
| >
| >
| >.
| >
|
- Next message: Hlin: "SQL Agent"
- Previous message: Chris Beardsley: "Security infrastructure plan"
- In reply to: Jacky Wong: "Re: How to use EFS to encrypt SQL DB file"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
