Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
m.esteghamat
Starting Member
47 Posts |
 Posted - 2012-10-29 : 04:42:45
|
| Hi I created a linked server. ---------------------------------type : sql server local Login : login1Remote user & remote password : (Case 1 : empty - Case 2 : = login1)be made using this sequrity content : login1 passlogin1---------------------------------Problem : Any login in server1 (that server has linked server) has all access on linked server (all databases on it)!!!!!!that means : if any user with least access, knows only knows linked server name and a database name on it, it can select any data from that database whitout any formal access. please help me. I should protect linked server data, from local user in server1.thank you. |
|
|
visakh16
Very Important crosS Applying yaK Herder
52326 Posts |
Posted - 2012-10-29 : 10:17:44
|
| depends on whats the credential to which users are mapped into in linked server------------------------------------------------------------------------------------------------------SQL Server MVPhttp://visakhm.blogspot.com/ |
 |
|
|
m.esteghamat
Starting Member
47 Posts |
Posted - 2012-10-31 : 03:11:36
|
| that was very short, Please desc it more. |
|
|
|
m.esteghamat
Starting Member
47 Posts |
Posted - 2012-11-11 : 05:20:43
|
| Hi againHow do I control mapped user to linked server? |
|
|
|
Bustaz Kool
Master Smack Fu Yak Hacker
1834 Posts |
Posted - 2012-11-13 : 18:35:38
|
| If you right-click on your linked server inside SSMS and bring up the Properties->Security, there are a variety of ways to limit/define the security. You can define an explicit list of people who can make use of the linked server. You can define an explicit login to use; this login could have few or many rights depending on your objective. You can define it so that each user uses their own security context in wich case the amount of trouble they can get into is limited by the set of rights they have been granted. You can also define it so that they login using no security context. I have no idea what that option actually means.=================================================We are far more concerned about the desecration of the flag than we are about the desecration of our land. -Wendell Berry |
|
|
|
Lumbago
Norsk Yak Master
3271 Posts |
Posted - 2012-11-14 : 06:58:59
|
| I don't see the big problem, why can't you just map the local user to a remote account that has limited privileges...? -> "For a login not defined in the list above, connections will:" a) Not be made b) Be made using this security context- LumbagoMy blog-> http://thefirstsql.com |
|
|
|
|
|
|
serious problem in linked server security