HOWTO run SQL Profiler without sysadmin rights
Over in the SQLTeam forums, eyechart has posted information about running SQL Profiler without sysadmin rights.
I recently granted sysadmin rights to a developer so that he could run SQL Profiler in the development environment. Permissions were granted for only a couple of days. Now I won't have to do this anymore!
Legacy Comments
|
Rafi
2005-03-24 |
re: HOWTO run SQL Profiler without sysadmin rights I followed your steps.Still its asking "sysadmin" rights :( Give me some detail steps... |
|
Tara
2005-03-25 |
re: HOWTO run SQL Profiler without sysadmin rights Please post your question in the thread. |
|
srinivasan
2005-03-27 |
re: HOWTO run SQL Profiler without sysadmin rights if the network connections are there then surely with the permissions from admin.it will be quite difficult to do the task |
|
Tara
2005-03-28 |
re: HOWTO run SQL Profiler without sysadmin rights Huh? Please explain further. |
|
JP
2005-07-14 |
re: HOWTO run SQL Profiler without sysadmin rights Hi Tara, I just read this on your blog and was a little bit disappointed. (I read an excellent post of you on the forum and hoped that you would see the pitfall in this post). This is a major security issue you create in your system. A developer will be sysadmin in just a few clicks. After starting the profiler a developer only has to click Tools, Enterprise Manager and now EM is started in SA context :-( JP |
|
Tara
2005-07-14 |
re: HOWTO run SQL Profiler without sysadmin rights Did you even test it? Or did you assume something? You know what they say about assuming... And besides, this isn't to allow a developer access to SQL Profiler in production. I'm already having to grant temporary sysadmin in development for this (without this trick of course), so they can already do everything that they want during that short time frame. |
|
Jay
2005-10-21 |
re: HOWTO run SQL Profiler without sysadmin rights This seems like a slick solution. Does it give the user a back door into sysadmin? |
|
Maria
2006-05-15 |
re: HOWTO run SQL Profiler without sysadmin rights Tara, When creating the batch file, would you include the path to the profiler tool or not? Maria |
|
maxxxxel
2006-05-18 |
re: HOWTO run SQL Profiler without sysadmin rights if you create a batch file that uses choice.exe that waits for a users input then look at your windows temp folder it creates a hidden copy of the decompiled bat file which shows the 'sa' password type %temp% in your start - run window. If you dont use a batch file that waits for user input then the temp file is deleted. There is still a chance that the file is not deleted if you close the batch file window with out using the command exit. Then the file batch file remains in the temp folder. This is too risky for me to have the programm create unencrypted temp files |