Re: Profiler Security
From: Richard Waymire [MSFT] (rwaymi_at_online.microsoft.com)
Date: 01/10/04
- Next message: Dan Guzman: "Re: Profiler Security"
- Previous message: Dan Guzman: "Re: Using PwdEncrypt"
- In reply to: Dan Guzman: "Re: Profiler Security"
- Next in thread: Dan Guzman: "Re: Profiler Security"
- Reply: Dan Guzman: "Re: Profiler Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 10 Jan 2004 09:31:02 -0800
Yes, it will be grantable in the next release. However, you should think
through the implications of doing this before granting the capability to run
trace. There's no way to restrict what a user of trace can see - if they
can run a trace they can see ALL traffic, queries, stats, admin commands,
etc. coming into SQL Server. You need to be comfortable with that level of
visibility being available to someone who can use profiler.
-- Richard Waymire, MCSE, MCDBA This posting is provided "AS IS" with no warranties, and confers no rights. "Dan Guzman" <danguzman@nospam-earthlink.net> wrote in message news:eDAJtxl1DHA.2480@TK2MSFTNGP10.phx.gbl... > > This really is not a good enough answer, from a > > development point of view alot of companies need to give > > their developers access to use SQL Profiler and do not > > want to assign the developers the sys admin sql role. > > > > Will there be a way in the future to get around this? > > This is a hot topic with alot of people and we are all > > looking for a way around this. > > A lot of folks agree and it looks like this may make it into the next > version of SQL Server. From last month's chat: > > <Excerpt > href="http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itc > ommunity/chats/trans/SQL/sql1209.asp"> > > Host: DanWinn (Microsoft) > > Q: Why can't Profiler run without logging in as Admin? Profiler is very > useful for developers, but I don't want to give them admin rights. > > A: In SQL Server 2000, one requires admin rights to create a SQL Trace. As > such, Profiler must log in as an admin. In Yukon, there is an ALTER TRACE > permission which may be granted to non-admins which allows them to create a > SQL Trace. > > </Excerpt> > > -- > Hope this helps. > > Dan Guzman > SQL Server MVP > > > "Darryl Stovell" <subscriptions@hambs.com.au> wrote in message > news:066801c3d63d$32689650$a101280a@phx.gbl... > > This really is not a good enough answer, from a > > development point of view alot of companies need to give > > their developers access to use SQL Profiler and do not > > want to assign the developers the sys admin sql role. > > > > Will there be a way in the future to get around this? > > This is a hot topic with alot of people and we are all > > looking for a way around this. > > > > Thanks > > > > >-----Original Message----- > > >Sorry, you need to be a member of the sysadmin role. > > > > > >-- > > >Tom > > > > > >--------------------------------------------------------- > > ------ > > >Thomas A. Moreau, BSc, PhD, MCSE, MCDBA > > >SQL Server MVP > > >Columnist, SQL Server Professional > > >Toronto, ON Canada > > >www.pinnaclepublishing.com/sql > > > > > > > > >"Manoj Raheja" <anonymous@discussions.microsoft.com> > > wrote in message > > >news:035e01c3d510$f81fc310$a001280a@phx.gbl... > > >How to run profiler with login other than sa \ sa rights. > > >Is there any other way I can specify the permissions to a > > >user for only executing Trace \ Profiler. > > > > > >Thanks, > > >Manoj Raheja > > >manoj.raheja@hotmail.com > > > > >
- Next message: Dan Guzman: "Re: Profiler Security"
- Previous message: Dan Guzman: "Re: Using PwdEncrypt"
- In reply to: Dan Guzman: "Re: Profiler Security"
- Next in thread: Dan Guzman: "Re: Profiler Security"
- Reply: Dan Guzman: "Re: Profiler Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
