Deb Melkin (b | t) is hosting T-SQL Tuesday this month and is letting us rant. Who doesn’t like to rant about databases and the famous “it depends”? She mentioned even doing a Ted Talk, we should find out more about this, she just linked to all the talks, I
I had a problem at work recently where a record was getting updated, and no one knew where or what was updating the record. Our team discussed the best way to try to figure out what was happening. The situation was if a record would be updated to active and
Recently I spent months of my lift working on STIG and CIS compliance at my job and one of those tasks was setting up SQL Audit for STIG. Now, that might seem like a trivial task after all don’t you just have to create an audit and audit specification and
Well back at the end of 2019 I finished writing most of the checks related to the CIS Center for Internet Security requirements. I have yet to write a blog post on how to use them. So, well here is how to go about using them, it’s mostly code so
A recent project involved setting up encrypted connections on all our SQL Servers. To this we would have to install a certificate in on the server and restart the SQL Server service. Direction on how to do this on an individual instance are provided by Microsoft. We have test environments
Manage logins and server roles Configure server security (http://msdn.microsoft.com/en-us/library/bb283235.aspx) Secure the SQL Server using Windows Account/SQL Server accounts, server roles Server-Level Roles (http://msdn.microsoft.com/en-us/library/ms188659.aspx) Create log in accounts (http://msdn.microsoft.com/en-us/library/aa337562.aspx) Manage access to the server, SQL Server instance, and databases Database Roles (http://msdn.microsoft.com/en-us/library/ms189121.aspx) Create and maintain user-defined server roles (http://msdn.microsoft.com/en-us/library/ee677627.aspx) Manage
Below is another script I frequently use to list what users or roles have what permissions to tables and views in our database. It basically cursors through the list of objects and stores the results of sp_helprotect in a temp table then displays the results. DECLARE helpprotect CURSOR READ_ONLY FOR
We receiving have been working with auditors to provide a list of SQL logins that exist in each database role defined. Here is a short script to return all the members of each group that can easily be copied into Excel and shared with auditors and anybody else looking for