HI, I know what I should do is jus change the password, but there are over
100 jobs and DTS package connections that run with sa auth, and that will
take a long time, unless someone knows how that can be automated to change
all sa users to something else, sorry that's another question. The issue I
have is that I came into a Job where security setting were left wide open,
and as I try to provide security, and tighten things down, I have users who
know the sa PW and can go in create a new local ID and set themselves as SA,
System Administrator. Although they should be delt with by admin, that's
another story... SO question is how can I disallow sa from creating
logins, AND how can I change all job, and DTS connections (anything that
uses sa creds) to something else? PLEASE... Thanks you.You basically can't deny anything to SA. Giving out the SA password is a
VERY bad thing to do. Your choices are to change it or fire everyone who
knows it.
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"WANNABE" <breichenbach AT istate DOT com> wrote in message
news:ueC1Pm5xGHA.2168@.TK2MSFTNGP06.phx.gbl...
> HI, I know what I should do is jus change the password, but there are
> over 100 jobs and DTS package connections that run with sa auth, and that
> will take a long time, unless someone knows how that can be automated to
> change all sa users to something else, sorry that's another question. The
> issue I have is that I came into a Job where security setting were left
> wide open, and as I try to provide security, and tighten things down, I
> have users who know the sa PW and can go in create a new local ID and set
> themselves as SA, System Administrator. Although they should be delt with
> by admin, that's another story... SO question is how can I disallow sa
> from creating logins, AND how can I change all job, and DTS connections
> (anything that uses sa creds) to something else? PLEASE... Thanks you.
>|||Thanks Roger, That is what I thought.
"Roger Wolter[MSFT]" <rwolter@.online.microsoft.com> wrote in message
news:uCJGrG8xGHA.4960@.TK2MSFTNGP05.phx.gbl...
> You basically can't deny anything to SA. Giving out the SA password is a
> VERY bad thing to do. Your choices are to change it or fire everyone who
> knows it.
> --
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> Use of included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm
> "WANNABE" <breichenbach AT istate DOT com> wrote in message
> news:ueC1Pm5xGHA.2168@.TK2MSFTNGP06.phx.gbl...
>> HI, I know what I should do is jus change the password, but there are
>> over 100 jobs and DTS package connections that run with sa auth, and that
>> will take a long time, unless someone knows how that can be automated to
>> change all sa users to something else, sorry that's another question.
>> The issue I have is that I came into a Job where security setting were
>> left wide open, and as I try to provide security, and tighten things
>> down, I have users who know the sa PW and can go in create a new local ID
>> and set themselves as SA, System Administrator. Although they should be
>> delt with by admin, that's another story... SO question is how can I
>> disallow sa from creating logins, AND how can I change all job, and DTS
>> connections (anything that uses sa creds) to something else? PLEASE...
>> Thanks you.
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment