Hi all,
Okay, we've got a product which has SQL Server as the backend database.
The client has the product as well as the database.
But the DBA at the clients end messes up with the data & we are held
responsible (that the product is what is messing up the data & NOT their
DBA).
How can we prevent this,
ie. try to encrypt the database or restrict access to the database to the
DBA.
Also, another requirement is that we do NOT want them to see the DB
structures, the tables, the data in the Databse!!!!
options,
1. Get them to install a new instance of SQL Server & NOT give the DBA or
anyone the password & have the password embeded in the application (thus
only the application can access the SQL Database).
NOTE : THe product and the SQL Servers WILL have to be at the clients end.
any other options?D.Rudiani
If you want to restict access to the database then remove him/her from
sysadmin server role and don't grant the access to the database
"D.Rudiani" <rudi@.www.com> wrote in message
news:%23dJk2anWFHA.2448@.TK2MSFTNGP12.phx.gbl...
> Hi all,
> Okay, we've got a product which has SQL Server as the backend database.
> The client has the product as well as the database.
> But the DBA at the clients end messes up with the data & we are held
> responsible (that the product is what is messing up the data & NOT their
> DBA).
> How can we prevent this,
> ie. try to encrypt the database or restrict access to the database to the
> DBA.
> Also, another requirement is that we do NOT want them to see the DB
> structures, the tables, the data in the Databse!!!!
> options,
> 1. Get them to install a new instance of SQL Server & NOT give the DBA or
> anyone the password & have the password embeded in the application (thus
> only the application can access the SQL Database).
> NOTE : THe product and the SQL Servers WILL have to be at the clients end.
> any other options?
>|||Hi,
Since the SQL SERVER machine is in the clients place and DBA needs to
perform administrative tasks ( BACKUP , RECOVERY , DBCC, REINDEX..),
it is very difficult to restrict the DBA. Only way to restrict is change the
OS Level admin password and SA password for sql server and do not hand it to
client side DBA. In this case he can not perform any administrative tasks.
Also, another requirement is that we do NOT want them to see the DB
structures, the tables, the data in the Databse!!!!
See Application roles in Books online.
Thanks
Hari
SQL Server MVP
"D.Rudiani" <rudi@.www.com> wrote in message
news:%23dJk2anWFHA.2448@.TK2MSFTNGP12.phx.gbl...
> Hi all,
> Okay, we've got a product which has SQL Server as the backend database.
> The client has the product as well as the database.
> But the DBA at the clients end messes up with the data & we are held
> responsible (that the product is what is messing up the data & NOT their
> DBA).
> How can we prevent this,
> ie. try to encrypt the database or restrict access to the database to the
> DBA.
> Also, another requirement is that we do NOT want them to see the DB
> structures, the tables, the data in the Databse!!!!
> options,
> 1. Get them to install a new instance of SQL Server & NOT give the DBA or
> anyone the password & have the password embeded in the application (thus
> only the application can access the SQL Database).
> NOTE : THe product and the SQL Servers WILL have to be at the clients end.
> any other options?
>sql
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment