A question for SQL gurus
#1
Scooby Regular
Thread Starter
Join Date: Jun 2002
Location: Perth, Western Australia
Posts: 1,866
Likes: 0
Received 0 Likes
on
0 Posts
A question for SQL gurus
I'm working on a project for a client that includes installing Symantec ServiceDesk 7.1 with off-box SQL. One of the prerequisites is that the computer account of the SD box is added to the local admins group of the SQL box. The client's DBAs are asking why and me telling them that Symantec says so isn't cutting it. There's nothing in the doucmentation or KBs so can anyone explain why this may be needed?
Thanks
Mark
Thanks
Mark
#2
Scooby Regular
I know this is probably stating the bleeding obvious but by purchasing that product did they not get any Symantec technical support with it that could answer that question for you by way of a phone call to them?
Don't you just love DBAs, almost as much of a pain in the ar$e as Unix engineers.
Don't you just love DBAs, almost as much of a pain in the ar$e as Unix engineers.
#3
Scooby Regular
well its needed because it needs to have the restricted security on the sql box to only be access by the other machine (your basically locking everything down). From the product and jargon you are talking I can only presume this is a windows machine? So you need to get into the user group settings (control panel), and add from the network the machine (which should be auto-detected) admin group into the local admin group - this will tie up the machine into the others local settings and thus should work.
although not 100% as "I'm a pain in the ar$e unix engineer :P " haha
although not 100% as "I'm a pain in the ar$e unix engineer :P " haha
#5
Scooby Regular
Thread Starter
Join Date: Jun 2002
Location: Perth, Western Australia
Posts: 1,866
Likes: 0
Received 0 Likes
on
0 Posts
I know this is probably stating the bleeding obvious but by purchasing that product did they not get any Symantec technical support with it that could answer that question for you by way of a phone call to them?
Don't you just love DBAs, almost as much of a pain in the ar$e as Unix engineers.
Don't you just love DBAs, almost as much of a pain in the ar$e as Unix engineers.
Fortunately, I don't have much contact with those pale skinned folks that inhabit the windowless rooms in IT depts
#6
Scooby Regular
Thread Starter
Join Date: Jun 2002
Location: Perth, Western Australia
Posts: 1,866
Likes: 0
Received 0 Likes
on
0 Posts
well its needed because it needs to have the restricted security on the sql box to only be access by the other machine (your basically locking everything down). From the product and jargon you are talking I can only presume this is a windows machine? So you need to get into the user group settings (control panel), and add from the network the machine (which should be auto-detected) admin group into the local admin group - this will tie up the machine into the others local settings and thus should work.
although not 100% as "I'm a pain in the ar$e unix engineer :P " haha
although not 100% as "I'm a pain in the ar$e unix engineer :P " haha
#7
Scooby Regular
And yes 1st line engineers will only be able to tell you how to reboot your machine, this really is a job for an onsite engineer, this being you lol! but then generally someone who would be setting this sort of thing up should know the lot and no doubt be an MSCE or MSCA.
Trending Topics
#8
I would also ask the same question of why the computer account requires administrator rights on the SQL server.
It is not really secure, if the app server is compromised, it can have full admin rights to your SQL server and so could anyone connected to the app server.
You will have to get Symantec to tell you why it is required. Granting full access doesn't cut it with me, only grant what is required and no more.
If your SQL server is shared, the other hosted DB's will not be secure.
Can the app utilise a different SQL server? Say Oracle/MySql on a unix type OS? If there is no other OS/DB option, I can only presume that the app must install/access/control things running on SQL as well as the OS. If this is the case and you really want to use this product, you are going to have to use dedicated servers to host this application.
It is not really secure, if the app server is compromised, it can have full admin rights to your SQL server and so could anyone connected to the app server.
You will have to get Symantec to tell you why it is required. Granting full access doesn't cut it with me, only grant what is required and no more.
If your SQL server is shared, the other hosted DB's will not be secure.
Can the app utilise a different SQL server? Say Oracle/MySql on a unix type OS? If there is no other OS/DB option, I can only presume that the app must install/access/control things running on SQL as well as the OS. If this is the case and you really want to use this product, you are going to have to use dedicated servers to host this application.
Thread
Thread Starter
Forum
Replies
Last Post
Brzoza
Engine Management and ECU Remapping
1
02 October 2015 05:26 PM