Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
pjstreiff
Starting Member
12 Posts |
 Posted - 2007-10-02 : 11:32:52
|
| In SQL2005, is it possible to restrict incoming sql or windows authentication logins by source hostname or IP address? Perhaps using endpoints? We are currently using hosts file on the db server as a temporary solution, but the SA will not allow us to use this as a permanent solution.The app team I support is asking me to build an "idiot proof" database so that an Dev or Test app server they may configure, doesn't unintentionally connect to the Production database and damage/alter data.Don't worry, I've already asked if they can't follow some kind of M&P's to prevent this kind of silly behavior, but they insist on DBA team creating a bullet-proof database that can outsmart app developers who try to attempt something dumb like this.Any ideas or suggestions would be greatly appreciated.TIA,PhilPhil Streiff |
|
|
Michael Valentine Jones
Yak DBA Kernel (pronounced Colonel)
7020 Posts |
Posted - 2007-10-02 : 11:39:17
|
| The easiest way to to do this is to create different logins for dev, QA, and Production.Since each environment has a different login, you cannot connect to the production database with the wrong login.CODO ERGO SUM |
 |
|
|
rmiao
Master Smack Fu Yak Hacker
7266 Posts |
Posted - 2007-10-02 : 22:54:52
|
| Take look at ipsec in windows. |
|
|
|
|
|
|
Restrict login access by hostname/ip possible?