Re: Not using SA - Then what?

From: Sue Hoegemeier (Sue_H@nomail.please)
Date: 05/31/02 

From: Sue Hoegemeier <Sue_H@nomail.please>
Date: Fri, 31 May 2002 12:54:03 -0600

If you are using SQL Server 2000, there are some templates
you can view through Query Analyzer's objects browser -
click on the templates tab. We've used templates extensively
on some projects I've been on for comments, copyrights,
adherence to coding standards, etc. It definitely helped the
maintainability of the stored procedures.
One think to keep in mind though is that members of
db_owners do not have their objects owned by dbo. They still
have to be qualified as dbo.object_name. That's one of the
scenario examples used in the books online topic I referred
you to.

-Sue

On Fri, 31 May 2002 14:37:14 -0400, "Chris Beardsley"
<clb39@nospam-cornell.edu> wrote:

>> You can add developers to the db_owner role and use Windows
>> authentication.
>> Any objects they create will be owned by dbo.
>This is the morsel of information I was seeking. But it sounds to me like I
>have much more to learn about good security practices... Sue's point of
>using a template for building objects and your (Linda's) point about having
>them build the objects then someone with the proper credentials impliment
>the code through query analyzer sounds like a solid framework for security
>and quality assurance. Now - any idea where I can begin reviewing sample
>templates ; ) ?
>
>Thank you both for your input. Sue - and thank you for some of your other
>responses which I also gained knowledge from.
>
>Chris
>
>"lindawie" <lindawie@my-deja.com> wrote in message
>news:uX#FsiLCCHA.2656@tkmsftngp05...
>> Chris,
>>
>> > I have read that people should not be using SA for anything. How then
>> > do I have multiple developers/managers login to enterprise manager
>> > etc but have all the objects owned by dbo (we each have diff NT
>> > logins)? If SA is stored in clear text in some situations, wouldn't
>> > all uid/pswrd combo's appear in clear text?
>> >
>> > We have wrestled with people making and therefore owning objects, and
>> > causing headaches in the past...
>>
>> Change the SA password and don't give it to anyone.
>>
>> You can add developers to the db_owner role and use Windows
>> authentication.
>> Any objects they create will be owned by dbo.
>>
>> A much better approach is to have developers write scripts to create all
>> objects and then you execute the scripts either in Query Analyzer or
>> in batch using osql.
>>
>> Linda
>>
>>
>

Relevant Pages

  • Re: Where can I find archives of this group?
    ... Doug Laidlaw wrote: ... I have the printout of the main reply, ... answered a query about the OBJECT tag being put there only to keep a ... All the templates look fine until I get them on the Web I have ...
    (comp.infosystems.www.authoring.html)
  • Re: Response Library Add-In - Response Templates!
    ... Since posting this query I have found: ... auto correct does not provide the time saving functionality I am ... - that associated attachments with templates - so you could respond to ... an email query in few clicks. ...
    (microsoft.public.outlook)
  • RE: Does any one have a company Profile template (MS Word) which can .
    ... Try searching on Google or checking out the templates on www.microsoft.com ... "query" wrote: ... Prev by Date: ...
    (microsoft.public.word.docmanagement)
  • RE: Use of IF then Else syntax in Access
    ... I'll post a sample of a pass-thru query that I use in a separate message. ... It should give you an idea of the syntax differences. ... that the dbo_ before the table name gets changed to dbo. ... go to query on the menu and choose sql specific, ...
    (microsoft.public.access.queries)
  • Re: Need to display results of Stored Proceedure with Criteria
    ... I was able to now get the SP to have dbo as the owner, ... doesn't show the create proceedure part in the sql part of the query builder ... don't forget to refresh the query list ... Sylvain Lafontaine, ing. ...
    (microsoft.public.access.adp.sqlserver)