[dbsec] [ms-sql 2000] linked-servers and low privilege service account.
- From: Hamid Kashfi <hamid@xxxxxxxxx>
- To: dbsec@xxxxxxxxxxxxx
- Date: Sun, 22 Apr 2007 00:03:03 +0330
Hi,
While hardening ms-sql 2000 for a DMZ installation, I faced
with a problem, stopping me at serious point.
While using a normal user account for running SqlService , seems it's not
possible to use defined linked servers (linking to Oracle in this case )
because
of limited privileges. After few try and errors I noticed that only
members of "Local Administrators"
are allowed to use defined linked servers , meaning 'SqlService' account
should be
SYSTEM or a member of admin group , which is not a good idea.
currently I'm using 'OLE provider for Oracle' . I tried ODBC link but
seems this solution requires
user to be privileged too.
How can I permit my defined low-privileged user account to work properly
in such scenario ?
regards
Hamid
Other related posts:
- » [dbsec] [ms-sql 2000] linked-servers and low privilege service account.