1

I have a recent unfortunate event. I host a business partner's SQLServer 2005 server, and the "sa" password was mysteriously changed (nobody wants to take responsibility on it). So I was wondering, is there a way I can configure SQL Server 2005 to log all password changes?

I know that could be achieved with Windows Server 2003, Windows Server 2008 or similar. But the thing is, I am running on Windows XP Pro (I know I should not be doing this, but my business partner claims she doesn't have the budget to buy a full fledge Windows Server OS).

Thanks a lot!

4

3 回答 3

1

一些想法...

  1. 使用 SQL 分析器,审核登录更改密码事件类
  2. DDL 触发器,指定ALTER USER DDL 事件
  3. 重命名“sa”,创建一个虚拟“sa”帐户

任何有权更改密码的人都可以撤消或关闭任何审核

于 2009-04-19T17:58:24.190 回答
0

一旦您第二次丢失数据,他们是否有足够的资金从头开始重新创建数据库?说真的,您应该简单地使用 Windows 事件查看器来查看最后一次访问。SA 通常会在安全日志中显示一个事件。

于 2009-04-19T00:41:07.757 回答
0

gbn有正确的想法

在研究同一主题时,我发现了 Aaron Bertrand 写的一个很好的例子。
本质上,您需要使用 AUDIT_LOGIN_CHANGE_PASSWORD_EVENT 参数创建一个事件

CREATE EVENT NOTIFICATION PasswordChangeNotification
    ON SERVER WITH FAN_IN
    FOR AUDIT_LOGIN_CHANGE_PASSWORD_EVENT
    TO SERVICE 'PasswordChangeService', 'current database';
GO

你可以在这里找到他的例子
http://www.mssqltips.com/sqlservertip/2708/tracking-login-password-changes-in-sql-server/

于 2014-07-24T08:55:58.183 回答