Re: SPN Requirement
- From: Sue Hoegemeier <Sue_H@xxxxxxxxxxxxx>
- Date: Wed, 11 Oct 2006 09:35:28 -0600
Your welcome Bo - the spns can sometimes be nasty to deal
with. You should be sitting okay now though. Keep us posted.
-Sue
On Tue, 10 Oct 2006 21:35:02 -0700, Erik Bo Sørensen
<ErikBoSrensen@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Dear Sue et al
Thank you Sue for translating the Error code (I?ll better find out how to
translate these myself ? that could have saved me ? and this newsgroup ? a
lot of time).
Making SQLSrvRunas member of Domain Admin and restarting SQL Server -
"solved the problem".
As Sue point out, making the SQL Service account member of the domain
administrators group is of cause not an acceptable solution - and would be in
conflict with the Microsoft hardening recommendations for secure database
servers:
?Run the SQL Server service using a least privileged account to minimize the
damage that can be done by an attacker who manages to execute operating
system commands from SQL Server. The SQL Server service account should not be
granted elevated privileges such as membership to the Administrators group.?
I?ll look into the blog, Sue mentioned and will get back to conclude this
thread WHEN
I?m wiser!
Thanks again Sue for your time and effort spend and wise advises!
.
- References:
- Re: SPN Requirement
- From: Sue Hoegemeier
- Re: SPN Requirement
- From: Erik Bo Sørensen
- Re: SPN Requirement
- From: Sue Hoegemeier
- Re: SPN Requirement
- From: Erik Bo Sørensen
- Re: SPN Requirement
- From: Erik Bo Sørensen
- Re: SPN Requirement
- From: Sue Hoegemeier
- Re: SPN Requirement
- From: Erik Bo Sørensen
- Re: SPN Requirement
- From: Sue Hoegemeier
- Re: SPN Requirement
- From: Erik Bo Sørensen
- Re: SPN Requirement
- Prev by Date: Re: SQL to get a list of users/roles/permissions
- Next by Date: sp_xp_cmdshell_proxy_account error
- Previous by thread: Re: SPN Requirement
- Next by thread: SQL2005: Security Design Question
- Index(es):
Relevant Pages
|
