Security Basics mailing list archives
RE: [ms-sql 2000] linked-servers and low privilege service account.
From: "Scott Ramsdell" <Scott.Ramsdell () cellnet com>
Date: Wed, 25 Apr 2007 11:11:43 -0400
Hamid, When you used ODBC, did you happen to configure it as a User DSN? If you set it up as a System DSN, it should be available to all users, at least in my experience. Hopefully a SQL guru is on list. Kind Regards, Scott Ramsdell CISSP, CCNA, MCSE Security Network Engineer -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of elite_netbios () yahoo com Sent: Tuesday, April 24, 2007 2:21 AM To: security-basics () securityfocus com Subject: [ms-sql 2000] linked-servers and low privilege service account. Hi, While hardening ms-sql 2000 for a DMZ installation, I faced with a problem, stopping me at serious point. While using a normal user account for running SqlService , seems it's not possible to use defined linked servers (linking to Oracle in this case ) because of limited privileges. After few try and errors I noticed that only members of "Local Administrators" are allowed to use defined linked servers , meaning 'SqlService' account should be SYSTEM or a member of admin group , which is not a good idea. currently I'm using 'OLE provider for Oracle' . I tried ODBC link but seems this solution requires user to be privileged too. How can I permit my defined low-privileged user account to work properly in such scenario ? regards Hamid
Current thread:
- [ms-sql 2000] linked-servers and low privilege service account. elite_netbios (Apr 24)
- RE: [ms-sql 2000] linked-servers and low privilege service account. Scott Ramsdell (Apr 25)