Is there a Security Tool to verify or debug access?
From: Stephanie (stephanie.harrell_at_stateauto.com)
Date: 07/29/03
- Previous message: Audrey Lim: "Permissions to syslogins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 29 Jul 2003 07:41:32 -0700
Is anyone aware of a tool or utility or proc that can help debug SQL
Security? We use Active Directory "groups" of Windows logins to give
users authority in SQL. I'm trying to find out why a user can delete
records when I don't think he should. For example
John Smith can delete a record from TableA. He is in a group called
"Security B" which has db_readonly role assigned, yet he can still
delete records. Obviously he is in another group with more authority,
but which one? He could also be a member of a group with SysAdmin
authority, so just looking at table permissions doesn't work either.
Is there anything out there where you can "verify" and id and it's
access or track how an id gains access. Sql has to do the work anyway
to resolve the permissions, there ought to be a way to report it.
Let me type in a userid, table and function and it report "yes -
granted by membership in 'groupname'" or "no - denied by ......"
- Previous message: Audrey Lim: "Permissions to syslogins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
