tailieunhanh - Hướng dẫn học Microsoft SQL Server 2008 part 122

Sử dụng Windows Security SQL Server cơ sở dữ liệu thường xuyên hỗ trợ các trang web, do đó, Internet Information Server (IIS) bảo mật và tường lửa phải được xem xé trong kế hoạch an ninh. Windows bảo mật là một chủ đề toàn bộ trong chính nó, và do đó nằm ngoài phạm vi của cuốn sách này. | Part VII Windows Security Because SQL Server exists within a Windows environment one aspect of the security strategy must be securing the Windows server. Using Windows Security SQL Server databases frequently support websites so Internet Information Server IIS security and firewalls must be considered within the security plan. Windows security is an entire topic in itself and therefore outside the scope of this book. If as a DBA you are not well supported by qualified network staff then you should make the effort to become proficient in Windows Server technologies especially security. SQL Server login Don t confuse user access to SQL Server with SQL Server s Windows accounts. The two logins are completely different. SQL Server users don t need access to the database directories or data files on a Windows level because the SQL Server process not the user performs the actual file access. However the SQL Server process needs permission to access the files so it needs a Windows account. Three types are available Local user account If network access is not required this is a viable option. Local user accounts cannot be used outside the server. Local system account SQL Server can use the local system account of the operating system for permission to the machine. This option is adequate for single-server installations but fails to provide the network security required for distributed processing. The local system account has more rights than even a member of the Administrators account because the local system account has implicit privileges in the operating system and Active Directory that go beyond membership in the Administrators group. Domain user account recommended SQL Server can use a Windows user account created specifically for it. The SQL Server domain user account can be granted administrator rights for the server and can access the network through the server to talk to other servers. I r p p The SQL Server accounts were initially configured when the server was .