Hi Folks,
We have some inhouse applications developed using microsoft technologies
like C#.net,asp.net and sql server 2000 and we have third party applicatio
ns
using sql server 2000.
In all our sql servers we configured as below.
we created domain level user accounts(service accounts) like SA_Server1.
we made that SA_server1 as member of local administrator group on the
server where SQLserver2000 software got installed.
we are using SA_server1 account to run mssqlserver service (windows
service).
All our proudction sql server are windows clusters with 2 nodes.
we have mixed mode authentication. And all users in Builtin/Administrators
group are sql users.
Using that domain level service account (SA_Server1) credentials,we can
login to that particualr sql server locally to check everything is working
fine.
Everything is working fine.
Recently Sarbanes-Oxley Audit conducted in our company.
One of the questions they asked is as given below.
1.why Interactive log-in is turned ON for that mssqlservice accounts? (for
SA_Server1) ?
They don't want any one to login to that server locally using that domain
account credentials.
2.Why builtin/administrators are part of sql users?
How can we prevent anyone logging in to that sql server locally using that
service account credentials?
we will be giving that credentials for the 2,3 administrative people only.
But we don't want them also to login to that server locally using service
account credentials.
They should login to that server using their own windows accounts.
How can we turn OFF that interactive log-on?
is it in group policy or local policy or Active directory member profile?
What are the best security practices for sql server 2000 configuration
mainly with service accounts?
Any kind of help is greatly appreciated.
--KumarDeny Logon locally right to the account used to start sql server services is
recommended to prevent someone from using sql server service account to logi
n
to the sql server.
Hope this hepls
"Kumar" wrote:
> Hi Folks,
> We have some inhouse applications developed using microsoft technologies
> like C#.net,asp.net and sql server 2000 and we have third party applicat
ions
> using sql server 2000.
> In all our sql servers we configured as below.
> we created domain level user accounts(service accounts) like SA_Server1.
> we made that SA_server1 as member of local administrator group on the
> server where SQLserver2000 software got installed.
> we are using SA_server1 account to run mssqlserver service (windows
> service).
> All our proudction sql server are windows clusters with 2 nodes.
> we have mixed mode authentication. And all users in Builtin/Administrators
> group are sql users.
> Using that domain level service account (SA_Server1) credentials,we can
> login to that particualr sql server locally to check everything is working
> fine.
> Everything is working fine.
>
> Recently Sarbanes-Oxley Audit conducted in our company.
> One of the questions they asked is as given below.
> 1.why Interactive log-in is turned ON for that mssqlservice accounts? (fo
r
> SA_Server1) ?
> They don't want any one to login to that server locally using that doma
in
> account credentials.
> 2.Why builtin/administrators are part of sql users?
>
> How can we prevent anyone logging in to that sql server locally using that
> service account credentials?
> we will be giving that credentials for the 2,3 administrative people only
.
> But we don't want them also to login to that server locally using service
> account credentials.
> They should login to that server using their own windows accounts.
>
> How can we turn OFF that interactive log-on?
> is it in group policy or local policy or Active directory member profile
?
>
> What are the best security practices for sql server 2000 configuration
> mainly with service accounts?
>
>
> Any kind of help is greatly appreciated.
>
> --Kumar
>
Showing posts with label party. Show all posts
Showing posts with label party. Show all posts
Wednesday, March 28, 2012
MSSQ server service (widnows service) account configuration --
Hi Folks,
We have some inhouse applications developed using microsoft technologies
like C#.net,asp.net and sql server 2000 and we have third party applications
using sql server 2000.
In all our sql servers we configured as below.
we created domain level user accounts(service accounts) like SA_Server1.
we made that SA_server1 as member of local administrator group on the
server where SQLserver2000 software got installed.
we are using SA_server1 account to run mssqlserver service (windows
service).
All our proudction sql server are windows clusters with 2 nodes.
we have mixed mode authentication. And all users in Builtin/Administrators
group are sql users.
Using that domain level service account (SA_Server1) credentials,we can
login to that particualr sql server locally to check everything is working
fine.
Everything is working fine.
Recently Sarbanes-Oxley Audit conducted in our company.
One of the questions they asked is as given below.
1.why Interactive log-in is turned ON for that mssqlservice accounts? (for
SA_Server1) ?
They don't want any one to login to that server locally using that domain
account credentials.
2.Why builtin/administrators are part of sql users?
How can we prevent anyone logging in to that sql server locally using that
service account credentials?
we will be giving that credentials for the 2,3 administrative people only.
But we don't want them also to login to that server locally using service
account credentials.
They should login to that server using their own windows accounts.
How can we turn OFF that interactive log-on?
is it in group policy or local policy or Active directory member profile?
What are the best security practices for sql server 2000 configuration
mainly with service accounts?
Any kind of help is greatly appreciated.
--KumarDeny Logon locally right to the account used to start sql server services is
recommended to prevent someone from using sql server service account to login
to the sql server.
Hope this hepls
"Kumar" wrote:
> Hi Folks,
> We have some inhouse applications developed using microsoft technologies
> like C#.net,asp.net and sql server 2000 and we have third party applications
> using sql server 2000.
> In all our sql servers we configured as below.
> we created domain level user accounts(service accounts) like SA_Server1.
> we made that SA_server1 as member of local administrator group on the
> server where SQLserver2000 software got installed.
> we are using SA_server1 account to run mssqlserver service (windows
> service).
> All our proudction sql server are windows clusters with 2 nodes.
> we have mixed mode authentication. And all users in Builtin/Administrators
> group are sql users.
> Using that domain level service account (SA_Server1) credentials,we can
> login to that particualr sql server locally to check everything is working
> fine.
> Everything is working fine.
>
> Recently Sarbanes-Oxley Audit conducted in our company.
> One of the questions they asked is as given below.
> 1.why Interactive log-in is turned ON for that mssqlservice accounts? (for
> SA_Server1) ?
> They don't want any one to login to that server locally using that domain
> account credentials.
> 2.Why builtin/administrators are part of sql users?
>
> How can we prevent anyone logging in to that sql server locally using that
> service account credentials?
> we will be giving that credentials for the 2,3 administrative people only.
> But we don't want them also to login to that server locally using service
> account credentials.
> They should login to that server using their own windows accounts.
>
> How can we turn OFF that interactive log-on?
> is it in group policy or local policy or Active directory member profile?
>
> What are the best security practices for sql server 2000 configuration
> mainly with service accounts?
>
>
> Any kind of help is greatly appreciated.
>
> --Kumar
>
We have some inhouse applications developed using microsoft technologies
like C#.net,asp.net and sql server 2000 and we have third party applications
using sql server 2000.
In all our sql servers we configured as below.
we created domain level user accounts(service accounts) like SA_Server1.
we made that SA_server1 as member of local administrator group on the
server where SQLserver2000 software got installed.
we are using SA_server1 account to run mssqlserver service (windows
service).
All our proudction sql server are windows clusters with 2 nodes.
we have mixed mode authentication. And all users in Builtin/Administrators
group are sql users.
Using that domain level service account (SA_Server1) credentials,we can
login to that particualr sql server locally to check everything is working
fine.
Everything is working fine.
Recently Sarbanes-Oxley Audit conducted in our company.
One of the questions they asked is as given below.
1.why Interactive log-in is turned ON for that mssqlservice accounts? (for
SA_Server1) ?
They don't want any one to login to that server locally using that domain
account credentials.
2.Why builtin/administrators are part of sql users?
How can we prevent anyone logging in to that sql server locally using that
service account credentials?
we will be giving that credentials for the 2,3 administrative people only.
But we don't want them also to login to that server locally using service
account credentials.
They should login to that server using their own windows accounts.
How can we turn OFF that interactive log-on?
is it in group policy or local policy or Active directory member profile?
What are the best security practices for sql server 2000 configuration
mainly with service accounts?
Any kind of help is greatly appreciated.
--KumarDeny Logon locally right to the account used to start sql server services is
recommended to prevent someone from using sql server service account to login
to the sql server.
Hope this hepls
"Kumar" wrote:
> Hi Folks,
> We have some inhouse applications developed using microsoft technologies
> like C#.net,asp.net and sql server 2000 and we have third party applications
> using sql server 2000.
> In all our sql servers we configured as below.
> we created domain level user accounts(service accounts) like SA_Server1.
> we made that SA_server1 as member of local administrator group on the
> server where SQLserver2000 software got installed.
> we are using SA_server1 account to run mssqlserver service (windows
> service).
> All our proudction sql server are windows clusters with 2 nodes.
> we have mixed mode authentication. And all users in Builtin/Administrators
> group are sql users.
> Using that domain level service account (SA_Server1) credentials,we can
> login to that particualr sql server locally to check everything is working
> fine.
> Everything is working fine.
>
> Recently Sarbanes-Oxley Audit conducted in our company.
> One of the questions they asked is as given below.
> 1.why Interactive log-in is turned ON for that mssqlservice accounts? (for
> SA_Server1) ?
> They don't want any one to login to that server locally using that domain
> account credentials.
> 2.Why builtin/administrators are part of sql users?
>
> How can we prevent anyone logging in to that sql server locally using that
> service account credentials?
> we will be giving that credentials for the 2,3 administrative people only.
> But we don't want them also to login to that server locally using service
> account credentials.
> They should login to that server using their own windows accounts.
>
> How can we turn OFF that interactive log-on?
> is it in group policy or local policy or Active directory member profile?
>
> What are the best security practices for sql server 2000 configuration
> mainly with service accounts?
>
>
> Any kind of help is greatly appreciated.
>
> --Kumar
>
Friday, March 23, 2012
MSQLSERVER service will not start
I have just been through the restoring of all the data on
my using a Third party backup software.
I cannot get my MSSQLService to start. Error comes up
cannot find the path specified.
An error 3 - (the system cannot find the path specified)
occured while performing this operation on the
MSSQLService service.
Can anyone help or point me in the direction of some
article so that I can get the local DB running on my
computer without reinstalling SQLserver.
Thanks| I cannot get my MSSQLService to start. Error comes up
| cannot find the path specified.
|
| An error 3 - (the system cannot find the path specified)
| occured while performing this operation on the
| MSSQLService service.
|
| Can anyone help or point me in the direction of some
| article so that I can get the local DB running on my
| computer without reinstalling SQLserver.
--
Hi Peter,
Try to start the SQL Server service from the command line in minimum
configuration and single user modes and post the output here for us to look
at.
--
Eric Cárdenas
SQL Server support
my using a Third party backup software.
I cannot get my MSSQLService to start. Error comes up
cannot find the path specified.
An error 3 - (the system cannot find the path specified)
occured while performing this operation on the
MSSQLService service.
Can anyone help or point me in the direction of some
article so that I can get the local DB running on my
computer without reinstalling SQLserver.
Thanks| I cannot get my MSSQLService to start. Error comes up
| cannot find the path specified.
|
| An error 3 - (the system cannot find the path specified)
| occured while performing this operation on the
| MSSQLService service.
|
| Can anyone help or point me in the direction of some
| article so that I can get the local DB running on my
| computer without reinstalling SQLserver.
--
Hi Peter,
Try to start the SQL Server service from the command line in minimum
configuration and single user modes and post the output here for us to look
at.
--
Eric Cárdenas
SQL Server support
MSOLAP.DLL Version Numbers
I have been trying to install some third party software that checks for
pre-requisite software in my computer. The third party software is
returning the following diagnostic result (saying I do not heve the correct version of PTS).
Microsoft PivotTable Service 2000
Required: OLAP Server 8.0.986.0
Currently: OLAP Server 8.0.760.0
Status: Error
pre-requisite software in my computer. The third party software is
returning the following diagnostic result (saying I do not heve the correct version of PTS).
Microsoft PivotTable Service 2000
Required: OLAP Server 8.0.986.0
Currently: OLAP Server 8.0.760.0
Status: Error
It is my understanding that "PTS" is MSOLAP.DLL.
I have Analysis Server 2000 SP3 installed and all appears OK.
According to other posts in this group, the correct version of
msolap.dll (pivot table services) for SP3 and SP3A is 8.0.760.0.
My version of msolap.dll currently installed is 8.0.2039.0, which I
believe to be the SP4 version of PTS
The third party software is searching for a version 8.0.986.0.
Nowhere in the MSDN world can I find ANY mention of 8.0.986.0 as a
version number of anything.
Is this an error in the third party diagnostic?
Where would they possibly be getting that version number (8.0.986.0)?
What do you think they are looking at when they say "OLAP SERVER"
The third party support people are saying I must uninstall Analysis
Server 2000 and then download and install PTSFullSP4.exe. I am not
prepared to take so drastic a step, especially given the strange
Product Titles and version numbers they are looking for.
Can anyone shed some light on this issue?
Version 8.00.2039 corresponds to the service pack 4 of SQL Server 2000.
So looks like you've got SP4 of PTS installed and not SP3.
From the error message it looks like the software you trying to install requires SP4 version of Analysis Server.
You can try and run SP4 setup for Analysis Services from
http://www.microsoft.com/downloads/details.aspx?FamilyID=8e2dfc8d-c20e-4446-99a9-b7f0213f8bc5&DisplayLang=en
Edward Melomed.
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Subscribe to:
Posts (Atom)