Fix Orphaned Users, Instance-Wide
The Overview Orphaned users are database principals that are no longer associated with a server principal, or login. This happens frequently when restoring a database from one server onto another server that doesn’t have the…
Disabled Active Directory Accounts in T-SQL
SQL Server, by default, uses Windows Authentication to provide integrated Active Directory authentication to users. This makes it extremely easy to setup new users; you only need to know the Active Directory account name, or…
Surface Area Configuration Audit
The Surface Area Setup Microsoft has built an incredible number of excellent features into SQL Server over the years, vastly increasing the surface area of possible vulnerabilities. Some of these features can be both a…
Finding Host Names for Failed login attempts!
The Intro If you manage a lot of SQL Server instances, you likely run into failed login attempts quite often. Perhaps you’re even wondering what client machine is causing all those failures. Since most environments…
Data Masking is not enough to protect personal information from prying eyes!
Data Masking is the process of either obfuscating or replacing personally identifying information with meaningless data that cannot be used to identify the items being masked. The data masking process is frequently used to alter…
Internet access to your SQL Server?
Occasionally I see questions on dba.stackexchange.com where it appears the SQL Server is exposed directly to the Internet, allowing remote connections. This is very bad. In this post, I provide some reasons why. First, it…