Friday, February 24, 2012

About SQL Server 2005 Management Studio

i would like to ask if there is a way to FILTER THE IPADDRESSES of users who wants to login the SQL Server Management Studio. right now, we are using Enterprise Edition of SQL Server 2005.

i just want to limit the users who can log in at Management Studio, the users know the password of SA, and i can't change the password coz we have deployed the programs with odbc connection using SA. so i thought of filtering the ipaddress of computers i want to grant access to SQL Server Management Studio, if its possible.

need a help.

thanks

I'm not sure you are able to do this unless you can write some sort of database/server scoped trigger that checks which application/IP the request is coming from (does anyone know if thats possible?).

However, remember that SSMS is just a GUI intended to make administration easier and restricted access to this tool doesn't really plug the serious security risk you have in using the sa password. Malicious users would still be able to use other methods of accessing the database eg osql.

Obviously, you should seriously consider stopping your application using the sa account for database access. At the very least, its good practice to create another user with sysadmin priveleges (eg saUser) and use this instead though operating a policy of least privelege is most best practice.

HTH|||

thank you richbrownesq.

No comments:

Post a Comment