Securing Access at the Database Level
System Center 2012 Configuration Manager supports SQL Server in either mixed mode or Windows-only authentication; you should choose Windows-only authentication for all site database servers. Windows authentication provides much stronger account controls and authentication mechanisms than are available for accounts defined in SQL Server. Database logins should be granted to Active Directory users and groups, rather than local users and groups on the database server.
As with any administrative access, you should assign SQL Server access on a least privilege basis. It is particularly important to limit access to privileged server roles such as sysadmin and securityadmin. There is generally no reason to assign ...
Get System Center 2012 Configuration Manager Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
