Re: something strange:|

---

• From: "Dan Guzman" <guzmanda@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Wed, 17 May 2006 07:09:06 -0500

---

Why do you say the information is contradictory? Perhaps the double
negative is confusing. Restricting CmdExec to sysadmin role members is the
same thing as not allowing non-sysadmin role members to use CmdExec.

In any case, you should avoid allowing non-sysadmin role members to use
CmdExec (creating proxy account) unless you have a specific reason to do so.

--
Hope this helps.

Dan Guzman
SQL Server MVP

<Eng.Rana@xxxxxxxxx> wrote in message
news:1147859895.957253.15840@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

i found something really strange and i want to know ur opinion in such
an issue,
i found that CmdExec should not be granted to users who r not member of
the sysadmin role.
while in Microsoft Baseline Security Analyzer (MBSA) 2.0 i found that
its recommended that CmdExec rights are restricted to Sysadmin only.
which completely contradicts!!!!!!!!!!!!!!!!
so which shall i do?????????????????????????

.

---

• References:
  • something strange:|
    • From: Eng . Rana

• Prev by Date: Re: Sql Server services
• Next by Date: Re: linked server from sql 2000 to sql 2005
• Previous by thread: something strange:|
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.sqlserver.security  > 2006-05