Lesson 5 security
Ram Kedem
MSSQL Server Managing Logins and Server Roles
1.
Managing Security - Logins and Server Roles
Ram Kedem
2.
Copyright 2014 © Ram Kedem. All rights reserved. Not to be reproduced without written consent
Principals
• Principals are entities that can request SQL Server resources.
• Like other components of the SQL Server authorization model, principals can be arranged in a hierarchy.
• The scope of influence of a principal depends on the scope of the definition of the principal:
  • Windows
  • Server
  • Database
3.
Principals
• Windows-level principals
  • Windows Domain Login
  • Windows Local Login
• SQL Server-level principals
  • SQL Server Login
  • Server Role
• Database-level principals
  • Database User
  • Database Role
  • Application Role
4.
Securables
• Securables are the resources to which the SQL Server Database Engine authorization system regulates access.
• The securable scopes are server, database, and schema.
5.
Securables
• Server Level
  • Endpoint
  • Database
• Database Level
  • User
  • Database role
  • Application role
  • Schema
• Schema Level
  • Function
  • Procedure
  • Table
  • View
6.
SQL Logins
• Logins are the credentials that authenticate connections to an instance.
• You can differentiate SQL Server logins based on the type of authentication method used:
  • Windows-authenticated login
  • SQL Server–authenticated login
  • Certificate
  • Asymmetric key
7.
Windows-Authenticated SQL Server Logins
• Windows-authenticated SQL Server logins are instance logins in which the operating system handles authentication.
• You can map a Windows-authenticated SQL Server login to a local user account, a local security group, a domain user account, or a domain security group.
• The type of authentication you use depends on your organization’s needs. Controlling access by using local computer-based or domain-based groups can reduce the number of SQL logins required but requires giving database administrators the ability to manage membership of these groups.
8.
SQL Server–Authenticated Logins
• SQL Server–authenticated logins are authenticated by the Database Engine instance rather than through the host operating system or a domain controller.
• SQL Server–authenticated login passwords are stored within the master database.
• If the SQL Server authentication option button is disabled, you must configure the instance to support mixed-mode authentication.
• You can create a SQL Server–authenticated login to use the password expiration and complexity policies that apply to the host operating system.
• Windows Server 2008 - Start - Administrative Tools - Local Security Policy.
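The following T-SQL is an added example, not part of the original slides. It creates a SQL Server-authenticated login that inherits the host's password policy and then audits existing logins that bypass it; the login name `app_reader` and the password placeholder are hypothetical.

```sql
-- Added example (not from the original slides).
-- app_reader and the password value are hypothetical placeholders.

-- 1. Check the authentication mode of the instance.
--    1 = Windows authentication only, 0 = mixed mode.
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;

-- 2. Create a SQL Server-authenticated login that is subject to the
--    host operating system's complexity and expiration policy.
CREATE LOGIN app_reader
    WITH PASSWORD = '<replace-with-strong-password>',
         CHECK_POLICY = ON,
         CHECK_EXPIRATION = ON;

-- 3. Audit: list SQL Server-authenticated logins that are exempt from
--    the complexity or expiration policy, with their password age.
SELECT  name,
        is_disabled,
        is_policy_checked,
        is_expiration_checked,
        LOGINPROPERTY(name, 'PasswordLastSetTime') AS password_last_set,
        LOGINPROPERTY(name, 'IsLocked')            AS is_locked
FROM    sys.sql_logins
WHERE   is_policy_checked = 0
   OR   is_expiration_checked = 0
ORDER BY name;

-- 4. Bring an exempt login back under the policy.
ALTER LOGIN app_reader WITH CHECK_POLICY = ON, CHECK_EXPIRATION = ON;
```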
9.
Creating Users - General
10.
Creating Users – Server Roles
11.
Creating Users – User Mapping
12.
Creating Users - Securables
13.
Fixed Server-Level Roles
• sysadmin role - Members can perform all activities possible on the Database Engine instance. You specify initial membership of this role when performing installation of the Database Engine feature.
• serveradmin - Members of the serveradmin fixed server role can change server-wide configuration options and shut down the server (creating new logins, for example, is not possible).
• securityadmin - Members of the securityadmin fixed server role manage logins and their properties. They can GRANT, DENY, and REVOKE server-level permissions. They can also GRANT, DENY, and REVOKE database-level permissions if they have access to a database. Additionally, they can reset passwords for SQL Server logins.
• processadmin - Members of the processadmin fixed server role can end processes that are running in an instance of SQL Server.
• setupadmin - Members of the setupadmin fixed server role can add and remove linked servers.
• bulkadmin - Members of the bulkadmin fixed server role can run the BULK INSERT statement.
14.
Fixed Server-Level Roles
• diskadmin - The diskadmin fixed server role is used for managing disk files.
• dbcreator - Members of the dbcreator fixed server role can create, alter, drop, and restore any database.
• public - Every SQL Server login belongs to the public server role. When a server principal has not been granted or denied specific permissions on a securable object, the user inherits the permissions granted to public on that object. Only assign public permissions on any object when you want the object to be available to all users. You cannot change membership in public.
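As an added example (not from the original slides), the queries below review who holds the fixed server roles listed above and what has been granted to `public`. They use only the standard catalog views and need no names beyond the role names on the slides.

```sql
-- Added example (not from the original slides).

-- 1. Members of every server role, fixed and user-defined.
SELECT  r.name      AS server_role,
        m.name      AS member_login,
        m.type_desc AS member_type,
        m.is_disabled
FROM    sys.server_role_members AS rm
JOIN    sys.server_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN    sys.server_principals   AS m ON m.principal_id = rm.member_principal_id
ORDER BY r.name, m.name;

-- 2. Enabled SQL Server-authenticated logins that are members of sysadmin.
--    These depend on password strength alone, so review each one.
SELECT  m.name AS sysadmin_sql_login
FROM    sys.server_role_members AS rm
JOIN    sys.server_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN    sys.server_principals   AS m ON m.principal_id = rm.member_principal_id
WHERE   r.name = N'sysadmin'
  AND   m.type = 'S'          -- S = SQL Server-authenticated login
  AND   m.is_disabled = 0;

-- 3. Server-level permissions granted to public. Every login inherits
--    these, so the list should stay short.
SELECT  pe.class_desc,
        pe.permission_name,
        pe.state_desc
FROM    sys.server_permissions AS pe
JOIN    sys.server_principals  AS pr ON pr.principal_id = pe.grantee_principal_id
WHERE   pr.name = N'public'
ORDER BY pe.class_desc, pe.permission_name;

-- 4. Check the role membership of the current connection.
SELECT  IS_SRVROLEMEMBER('sysadmin')      AS is_sysadmin,
        IS_SRVROLEMEMBER('securityadmin') AS is_securityadmin;
```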
15.
Altering Existing Logins
• You can alter existing logins using SQL Server Management Studio to edit the properties of the login. You can also alter existing logins by using the ALTER LOGIN Transact-SQL statement.
16.
Login-Related Catalog Views
    -- List every server-level principal (logins and server roles)
    SELECT * FROM sys.server_principals;
    -- Count the server-level principals of each type
    SELECT type_desc, COUNT(*)
    FROM sys.server_principals
    GROUP BY type_desc;
17.
Removing Logins
• You can remove a login by using SQL Server Management Studio, right-clicking the login, and clicking Delete.
• You can also remove a login by using the DROP LOGIN Transact-SQL statement.
• You cannot drop a login while that login has an active connection to the database instance.
• You cannot drop a login that owns a SQL Server Agent job, a server-level object, or a securable.
18.
Removing Logins
• Although it is possible to drop logins that are mapped to database users, this creates orphaned users.
• It is often prudent to disable rather than drop a login because it is simpler to re-enable a login that is mapped to multiple database users than it is to re-create a login if circumstances change.
• A login cannot be dropped as long as it has an active connection. If you can't drop a login since it has an active session, kill that specific session:
19.
Removing Logins
    -- Find the sessions that are still open for the login
    SELECT session_id
    FROM sys.dm_exec_sessions
    WHERE login_name = 'Ram';
    -- Replace 52 with each session id returned by the query above
    KILL 52;
    -- With no active sessions left, the login can be dropped
    DROP LOGIN Ram;
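The script below is an added example, not part of the original slides. It runs the checks the "Removing Logins" slides describe before a login is dropped, disables the login instead of dropping it, and finds orphaned users afterwards. It reuses the login name `Ram` from the slide; the orphan query follows the pattern Microsoft documents for contained-database-aware servers (SQL Server 2012 and later).

```sql
-- Added example (not from the original slides). Uses the login name
-- 'Ram' that appears on the slide above.
DECLARE @login sysname = N'Ram';

-- 1. Active sessions: DROP LOGIN fails while any of these exist.
SELECT  session_id, host_name, program_name, login_time
FROM    sys.dm_exec_sessions
WHERE   login_name = @login;

-- 2. SQL Server Agent jobs owned by the login: these also block the drop.
SELECT  j.name AS job_name
FROM    msdb.dbo.sysjobs AS j
WHERE   j.owner_sid = SUSER_SID(@login);

-- 3. Databases owned by the login.
SELECT  name AS database_name
FROM    sys.databases
WHERE   owner_sid = SUSER_SID(@login);

-- 4. Preferred first step: disable the login. Existing user mappings
--    survive and the change is reversed with ALTER LOGIN Ram ENABLE.
ALTER LOGIN Ram DISABLE;

-- 5. After a login has been dropped, run this in each user database to
--    find orphaned users (users whose SID no longer matches a login).
SELECT  dp.name AS orphaned_user, dp.type_desc, dp.sid
FROM    sys.database_principals AS dp
LEFT JOIN sys.server_principals AS sp ON sp.sid = dp.sid
WHERE   sp.sid IS NULL
  AND   dp.authentication_type_desc = 'INSTANCE';

-- 6. Re-attach an orphaned user to a re-created login of the same name
--    (run only when an orphan was reported in step 5):
-- ALTER USER Ram WITH LOGIN = Ram;
```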
20.
Server Roles
• Server roles enable you to simplify the assignment of permissions at the database instance level.
• Although it is possible to assign permissions to SQL logins, this can be difficult to manage.
• SQL Server 2012 ships with nine built-in server roles. These built-in server roles are fixed and, other than the public role, it is not possible to modify the permissions assigned to these roles.
21.
User-Defined Server Roles
• User-defined server roles are a new SQL Server 2012 feature. You can use user-defined server roles to create custom server roles when using one of the existing server roles does not suit your specific requirements. Creating a user-defined server role involves performing the following steps:
  • Creating the user-defined server role
  • Granting server-level permissions to the role
  • Adding SQL Server logins to the role
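The three steps above, carried out in T-SQL as an added example that is not part of the original slides. The role name `monitoring_ops` and the login `ops_monitor` are hypothetical, and the login is assumed to exist already.

```sql
-- Added example (not from the original slides).
-- monitoring_ops and ops_monitor are hypothetical names; the login
-- ops_monitor is assumed to exist.

-- Step 1: create the user-defined server role.
CREATE SERVER ROLE monitoring_ops;

-- Step 2: grant only the server-level permissions the role needs.
--         Here: read-only visibility for monitoring, nothing that can
--         change configuration or manage logins.
GRANT VIEW SERVER STATE   TO monitoring_ops;
GRANT VIEW ANY DEFINITION TO monitoring_ops;

-- Step 3: add logins to the role.
ALTER SERVER ROLE monitoring_ops ADD MEMBER ops_monitor;

-- Verify what the role itself has been granted.
SELECT  pr.name AS role_name,
        pr.is_fixed_role,
        pe.permission_name,
        pe.state_desc
FROM    sys.server_permissions AS pe
JOIN    sys.server_principals  AS pr ON pr.principal_id = pe.grantee_principal_id
WHERE   pr.name = N'monitoring_ops';

-- Verify the effective server permissions of a member by impersonating
-- it (requires IMPERSONATE permission on the login, or sysadmin).
EXECUTE AS LOGIN = N'ops_monitor';
SELECT  permission_name
FROM    sys.fn_my_permissions(NULL, 'SERVER')
ORDER BY permission_name;
REVERT;

-- Cleanup when the role is no longer needed: remove members first.
-- ALTER SERVER ROLE monitoring_ops DROP MEMBER ops_monitor;
-- DROP SERVER ROLE monitoring_ops;
```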
22.
Credentials
• Authentication information needed to access a resource outside of SQL Server.
• Usually consists of a Windows login and password.
• Enables users connecting with SQL Authentication to access Windows or other resources outside of SQL Server.
• A Credential can be used by many SQL Server Logins. (Credential -< Logins)
• A Login can be mapped to only one Credential. (Through "Login properties")
• Relevant only with Mixed Authentication. (Server Properties => Security)
23.
Database Users
• USERS - Database-level principals, which define the permissions on the DB.
• We can map a Server Login to a DB User. (1-1 relationship per DB)
• Each DB has two special users:
  • DBO
    • DB Owner - Most privileged user.
    • Members of the sysadmin role are mapped to it.
  • GUEST
    • Used for Logins who are not mapped to any DB user.
    • Disabled by default.
    • We can enable it and give it permissions for Public.
24.
Database Roles
• Three kinds of roles at DB level:
  1. Fixed DB Roles
    • Set of permissions for specific tasks (User admin, DDLs, Selects etc.)
    • Can add new members, but the permissions are fixed.
  2. User-defined DB Roles
    • For grouping users with similar permissions.
  3. The Public Role
    • Fixed role which is assigned to all users.
    • Inherits the permissions of the Guest user.
25.
Application Roles
• Setting a Security Context for a specific application.
• If a program is linked to an app. role, it executes under its permissions, instead of under the invoker's permissions.
• Enables users to perform certain actions only via the application. (More secure and less permissions administration overhead)
• There are no members for an app. role (Activated during the program execution)
• Activation requires a password.
• The role remains active until running sp_unsetapprole (Or disconnecting)
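The life cycle described above, as an added example that is not part of the original slides: the role is created, activated with its password, and deactivated with the cookie returned at activation. The role name `sales_app`, the table `dbo.Orders` and the password placeholder are hypothetical.

```sql
-- Added example (not from the original slides).
-- sales_app, dbo.Orders and the password value are hypothetical.

-- One-time setup by an administrator, inside the application database.
CREATE APPLICATION ROLE sales_app
    WITH PASSWORD = '<replace-with-strong-password>',
         DEFAULT_SCHEMA = dbo;

-- The role, not the individual users, receives the permissions.
GRANT SELECT, INSERT ON OBJECT::dbo.Orders TO sales_app;

-- What the application does on each connection.
SELECT USER_NAME() AS before_activation;   -- the connecting user

DECLARE @cookie varbinary(8000);

-- Activate the role. Requesting a cookie is what makes it possible to
-- switch back later without closing the connection.
EXEC sys.sp_setapprole
     @rolename      = N'sales_app',
     @password      = N'<replace-with-strong-password>',
     @fCreateCookie = true,
     @cookie        = @cookie OUTPUT;

-- From here on, statements run with the role's permissions only; the
-- invoker's own database permissions no longer apply.
SELECT USER_NAME() AS during_activation;   -- sales_app

-- Deactivate the role and return to the original security context.
EXEC sys.sp_unsetapprole @cookie;

SELECT USER_NAME() AS after_deactivation;  -- the connecting user again
```

Because the password travels from the application to the server on every activation, the connection should be encrypted and the password kept out of client-side configuration that end users can read.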
26.
Data Encryption - Keys
• 1. Symmetric
  • A certain key that is used for encryption and decryption.
  • This one key is used for both encryption and decryption, therefore both the encryptor and decryptor should share it.
  • Symmetric keys are relatively fast and are usually most suitable for use.
• 2. Asymmetric
  • Contains two different keys - a Private Key and a Public Key.
  • Data is encrypted by the Public Key, and can only be decrypted by its corresponding Private Key.
  • The Private Key is kept secret, and the public one can be distributed freely to all who need to send encrypted data to the owner of the private key.
  • Relatively resource-intensive and much slower than Symmetric keys, but provide a higher level of security. (As the Secret key does not have to be shared between target and source)
  • Usually used for the initial transfer of the Symmetric Keys...
• We can choose from many different algorithms for the encrypting key.
• ms-help://MS.SQLCC.v9/MS.SQLSVR.v9.en/udb9/html/96c276d5-1bba-4e95-b678-10f059f1fbcf.htm
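The combination the slide describes, a fast symmetric key for the data and a slower asymmetric key protecting that symmetric key, looks like this in T-SQL. This is an added example, not part of the original slides; the key names, the password placeholder and the sample value are constructed, and it is meant to be run in a scratch database that has no database master key yet.

```sql
-- Added example (not from the original slides). demo_rsa, demo_aes,
-- the password placeholder and the sample plaintext are constructed.

-- Database master key: protects the private key of the asymmetric key.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<replace-with-strong-password>';

-- Asymmetric key pair (public + private key).
CREATE ASYMMETRIC KEY demo_rsa WITH ALGORITHM = RSA_2048;

-- Symmetric key for the data, itself encrypted by the asymmetric key.
CREATE SYMMETRIC KEY demo_aes
    WITH ALGORITHM = AES_256
    ENCRYPTION BY ASYMMETRIC KEY demo_rsa;

-- Inspect the hierarchy: which mechanism protects each symmetric key.
SELECT  sk.name, sk.algorithm_desc, sk.key_length, ke.crypt_type_desc
FROM    sys.symmetric_keys  AS sk
JOIN    sys.key_encryptions AS ke ON ke.key_id = sk.symmetric_key_id
WHERE   sk.name = N'demo_aes';

-- Use: the asymmetric key unlocks the symmetric key, and the symmetric
-- key performs the actual encryption and decryption.
OPEN SYMMETRIC KEY demo_aes DECRYPTION BY ASYMMETRIC KEY demo_rsa;

DECLARE @cipher varbinary(8000) =
        ENCRYPTBYKEY(KEY_GUID('demo_aes'), N'constructed sample value');

SELECT  @cipher                                       AS ciphertext,
        CONVERT(nvarchar(100), DECRYPTBYKEY(@cipher)) AS plaintext;

CLOSE SYMMETRIC KEY demo_aes;

-- Without the symmetric key open, decryption returns NULL instead of
-- the plaintext, which is how a missing key permission shows up.
SELECT  CONVERT(nvarchar(100), DECRYPTBYKEY(@cipher)) AS plaintext_key_closed;

-- Cleanup of the demo keys (dependent key first).
DROP SYMMETRIC KEY demo_aes;
DROP ASYMMETRIC KEY demo_rsa;
```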