Here I show you how xp_cmdshell isn’t the danger everyone Continue reading “The Truth About SQL Security”
Category: Security
XP_CmdShell Default Proxy
Most DBAs don’t think of it, but xp_cmdshell has a
default proxy account. In fact, this proxy is responsible for its permissions, and actually follows Microsoft’s current external script security strategy. So xp_cmdshell isn’t unique and it doesn’t do anything special security-wise.
Here you’ll see how to test which credentials xp_cmdshell is using. It’s actually pretty easy.
What are Orphaned Users?
Here I’ll describe what an orphaned user is and how it happens. I’ll even show you how to produce the condition yourself. Orphaned Continue reading “What are Orphaned Users?”
Get into SQL
Have you ever found yourself locked out of SQL because your account doesn’t have rights and you don’t know the sa password? Here I Continue reading “Get into SQL”
Change Users Password
Users don’t need special permissions to change their own passwords, but there is a minor trick to it. Here I’ll show you 3 ways Continue reading “Change Users Password”
Troubleshoot Default Schema
Here I troubleshoot why a user’s default schema isn’t being honored.
Change SQL Server Permissions in Powershell: Part 2
Continuing from the 1st video, here I show you how to capture useful errors from the method call. I explain how to Trap the Continue reading “Change SQL Server Permissions in Powershell: Part 2”
Recover SQL Passwords
Did you know that SQL Server stores username/password combos in cleartext in memory? And did you know that you can also use a debugger to Continue reading “Recover SQL Passwords”
Introduction to Schemas
This is an excellent video that explains what schemas are and why you should care.
Schemas as Documentation
This is the 2nd video in the schema series. Here I give you a really good reason to adopt schemas in your architectures. Hope Continue reading “Schemas as Documentation”
Schemas: Ownership Chaining and Schema Ownership
Continuing with schemas, here I talk about ownership chaining and how schema ownership effects them. I start with the basics of chaining and then get Continue reading “Schemas: Ownership Chaining and Schema Ownership”
Change SQL Server Job Owner
This is a really cool method for changing SQL job owners or any job property I would imagine. It really simplifies it from using Continue reading “Change SQL Server Job Owner”
Running Websites with AD Accounts
This is an excellent tutorial on how to run a website under a specific AD account so you can use windows authentication in the database. Continue reading “Running Websites with AD Accounts”
RunAs Magic
This is a really good video on how to use the RunAs utility in windows. There are several scenarios when a DBA/Dev may need Continue reading “RunAs Magic”