Foglight for SQL Server 5.6.5: Managing SQL Server Database Systems Permissions Guide


© 2012 Quest Software, Inc. ALL RIGHTS RESERVED.

This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license or nondisclosure agreement. This software may be used or copied only in accordance with the terms of the applicable agreement. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording for any purpose other than the purchaser's personal use without the written permission of Quest Software, Inc.

The information in this document is provided in connection with Quest products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of Quest products. EXCEPT AS SET FORTH IN QUEST'S TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, QUEST ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL QUEST BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF QUEST HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Quest makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice. Quest does not make any commitment to update the information contained in this document.

If you have any questions regarding your potential use of this material, contact:

Quest Software World Headquarters
LEGAL Dept
5 Polaris Way
Aliso Viejo, CA 92656
www.quest.com
email: legal@quest.com

Refer to our Web site for regional and international office information.

Trademarks

Quest, Quest Software, the Quest Software logo, Foglight, IntelliProfile, PerformaSure, Spotlight, StealthCollect, TOAD, Tag and Follow, Vintela Single Sign-on for Java, and vFoglight are trademarks and registered trademarks of Quest Software, Inc in the United States of America and other countries. For a complete list of Quest Software's trademarks, please see http://www.quest.com/legal/trademark-information.aspx. Other trademarks and registered trademarks are property of their respective owners.

Third Party Contributions

Foglight contains some third party components. For a complete list, see the License Credits page in Foglight online help.

Permissions Guide
December 2012
Version 5.6.5

Table of Contents

Introduction to this Guide
    About Quest Software, Inc.
    Contacting Quest Software
    Contacting Quest Support
Foglight for SQL Server Cartridge Permissions
    Configuring Privileges for the VMware Collector Agent
        Configuring Privileges on the VMware Virtual Infrastructure Client
        Configuring Privileges on the VMware vSphere Client
    Granting Permissions to SQL Server Users
        Instance-level Permissions
        Database-level Permissions
        Object-specific Permissions
    Running the Grant Permissions Script

Introduction to this Guide

This Permissions Guide provides information and instructions about the various permission levels that can be granted for users of SQL Server 2000 and SQL Server 2005/2008, as well as instructions for manually running the Grant Permissions script. This guide is intended for SQL Server administrators.

About Quest Software, Inc.

Established in 1987, Quest Software (Nasdaq: QSFT) provides simple and innovative IT management solutions that enable more than 100,000 global customers to save time and money across physical and virtual environments. Quest products solve complex IT challenges ranging from database management, data protection, identity and access management, monitoring, user workspace management to Windows management. For more information, visit www.quest.com.

Contacting Quest Software

Email: info@quest.com
Mail: Quest Software, Inc., World Headquarters, 5 Polaris Way, Aliso Viejo, CA 92656, USA
Web site: www.quest.com

Refer to our Web site for regional and international office information.

Contacting Quest Support

Quest Support is available to customers who have a trial version of a Quest product or who have purchased a Quest product and have a valid maintenance contract. Quest Support provides unlimited 24x7 access to our Support Portal at http://www.quest.com/support. From our Support Portal, you can do the following:

- Retrieve thousands of solutions from our Knowledge Base
- Download the latest releases and service packs
- Create, update, and review Support cases

View the Global Support Guide for a detailed explanation of support programs, online services, contact information, policies, and procedures. The guide is available at: http://www.quest.com/support.

Chapter 1: Foglight for SQL Server Cartridge Permissions

Foglight for SQL Server can be used for granting permissions on several levels. This document details the permissions that can be granted to users of SQL Server at each level, and explains how to manually run the grant privileges script.

Configuring Privileges for the VMware Collector Agent

Starting with version 6.5.1, users of Quest vFoglight, Quest Software's solution for performance monitoring and management of virtual environments, can benefit from vFoglight for SQL Server Add-on, which provides light-weight monitoring of SQL Server instances running on VMware ESX servers. vFoglight for SQL Server Add-on is primarily targeted to assist database administrators, who need to investigate the share of SQL Server-related processes within the overall system workload.

Prior to installing and configuring the vFoglight for SQL Server Add-on agent components, Foglight for SQL Server must have the appropriate credentials required for connecting to the VMware Collector agent, as described in the following sections:

- Configuring Privileges on the VMware Virtual Infrastructure Client
- Configuring Privileges on the VMware vSphere Client

Configuring Privileges on the VMware Virtual Infrastructure Client

To configure privileges for the Collector agent component credentials:

1. On the VMware Virtual Infrastructure client user interface, click the Administration button at the top of the screen. The Administration screen appears.
2. Right-click a role type and click Add. The Add Role dialog box appears.
3. Enter a name for the newly created role.
4. Enable the Read Only privilege.
5. Click OK.
6. On the VMware Virtual Infrastructure client user interface, click the Inventory button at the top of the screen. The Inventory screen appears.
7. Right-click Hosts and Clusters at the top left and click Assign Permissions. The Assign Permissions dialog box appears.
8. From the Assigned Role list, select the newly created role.
9. Click Add.

Configuring Privileges on the VMware vSphere Client

To configure privileges for the Collector agent component credentials:

1. On the home page, go to Inventory > Hosts and Clusters.
2. Right-click the top (parent) host name on the top left and click Assign Permissions. The Assign Permissions dialog box appears.

3. Select the privilege Read-only from the Assigned Role section.
4. Click Add on the Users and Groups column. The Select Users and Groups dialog box appears.
5. Select the users and groups to be added to the newly created role.
6. Click OK.

Granting Permissions to SQL Server Users

Permissions are granted on several levels, as detailed in the following sections:

- Instance-level Permissions
- Database-level Permissions
- Object-specific Permissions

Instance-level Permissions

The following permissions are granted at the instance level:

- VIEW ANY DEFINITION
- VIEW SERVER STATE
- ALTER TRACE: allows carrying out the following operations:
    - Tracing a specific session: the data retrieved by this operation is displayed on the SQL Activity > Sessions > Session Details > Session Trace pane.
    - Monitoring deadlocks: the data retrieved by this operation is displayed on the SQL Activity > Deadlocks panel.

Database-level Permissions

The following permissions are granted at the database level:

- CREATE USER: the lowest permission level, which only allows accessing each database.
- db_datareader: allows creating user-defined SQL queries for monitoring purposes, via the User-defined Collections global administration screen. For details, see the User-defined Collections section in the Foglight for SQL Server User Guide.
- db_ddladmin: allows running DBCC commands for indexes. Without this permission, no data is retrieved from the following collections:
    - Database Index Density Vectors
    - Database Index Details
    - Database Index Histogram

  The data retrieved from these collections is displayed by clicking a specific row on the Databases > Indexes pane.

Object-specific Permissions

The permissions listed below allow users holding them to access specific objects within the master and msdb databases:

- Execute: allows accessing the following objects within the master database:
    - xp_enumerrorlogs
    - xp_readerrorlog
- Select: allows accessing the following objects within the msdb database:
    - log_shipping_monitor_primary
    - log_shipping_monitor_secondary
    - log_shipping_primaries
    - log_shipping_secondaries
    - sysalerts
    - syscategories
    - sysjobactivity
    - sysjobs
    - sysjobhistory
    - dbm_monitor_data

Running the Grant Permissions Script

The file used for granting permissions manually, SQLServerGrantPrivilegesScript.sql, can be downloaded by clicking the View script link under the Instances table, accessible via one of the following methods:

- When running the automatic discovery wizard, in the Instance Connectivity Settings screen (see section Running the Database Discovery Wizard in the Foglight for SQL Server User Guide).
- In the Connection Details global administration screen (see section Global Administration > Connection Details in the Foglight for SQL Server User Guide).

Important: Running this file requires the sysadmin or securityadmin server role.

To manually run the Grant Permissions script:

1. Open the SQLServerGrantPrivilegesScript.sql file in SQL Server Management Studio (SSMS).
2. Find the Select @LoginName = ? section in the beginning of this file.
3. Replace the question mark with the login name to which the requested permissions are to be assigned.
4. Execute the script.
5. Repeat step 1 to step 4 for each instance to be monitored.
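Once the script has run, the login's actual grants can be compared with the permission lists in this guide. The following T-SQL is an added example, not Quest's SQLServerGrantPrivilegesScript.sql; it assumes SQL Server 2005 or later and a hypothetical login name, foglight_monitor, and marks anything outside the documented set as REVIEW.

```sql
-- Added example, not Quest's SQLServerGrantPrivilegesScript.sql. Assumes SQL Server 2005 or
-- later (catalog views) and a hypothetical login name, foglight_monitor. Run as sysadmin.
DECLARE @LoginName sysname;
SET @LoginName = N'foglight_monitor';

-- 1. Instance-level grants. The guide documents three; CONNECT SQL is the right to log in.
SELECT pe.permission_name, pe.state_desc,
       CASE WHEN pe.state = 'G' AND pe.permission_name IN
                 ('CONNECT SQL', 'VIEW ANY DEFINITION', 'VIEW SERVER STATE', 'ALTER TRACE')
            THEN 'documented' ELSE 'REVIEW' END AS verdict
FROM sys.server_permissions AS pe
JOIN sys.server_principals AS pr ON pr.principal_id = pe.grantee_principal_id
WHERE pr.name = @LoginName;

-- 2. Fixed server roles. The guide lists none among the granted permissions (sysadmin or
--    securityadmin is required only to run the grant script), so every row is REVIEW.
SELECT r.name AS server_role, 'REVIEW' AS verdict
FROM sys.server_role_members AS m
JOIN sys.server_principals AS r ON r.principal_id = m.role_principal_id
JOIN sys.server_principals AS p ON p.principal_id = m.member_principal_id
WHERE p.name = @LoginName;

-- 3. Database roles in the current database (repeat in each monitored database).
SELECT r.name AS database_role,
       CASE WHEN r.name IN ('db_datareader', 'db_ddladmin')
            THEN 'documented' ELSE 'REVIEW' END AS verdict
FROM sys.database_role_members AS m
JOIN sys.database_principals AS r ON r.principal_id = m.role_principal_id
JOIN sys.database_principals AS u ON u.principal_id = m.member_principal_id
WHERE u.sid = SUSER_SID(@LoginName);

-- 4. Object-level grants in msdb. Only SELECT on the ten listed objects is documented.
SELECT o.name AS msdb_object, pe.permission_name, pe.state_desc,
       CASE WHEN pe.state = 'G' AND pe.permission_name = 'SELECT' AND o.name IN
                 ('log_shipping_monitor_primary', 'log_shipping_monitor_secondary',
                  'log_shipping_primaries', 'log_shipping_secondaries', 'sysalerts',
                  'syscategories', 'sysjobactivity', 'sysjobs', 'sysjobhistory',
                  'dbm_monitor_data')
            THEN 'documented' ELSE 'REVIEW' END AS verdict
FROM msdb.sys.database_permissions AS pe
JOIN msdb.sys.database_principals AS u ON u.principal_id = pe.grantee_principal_id
JOIN msdb.sys.all_objects AS o ON o.object_id = pe.major_id
WHERE pe.class = 1 AND u.sid = SUSER_SID(@LoginName);

-- 5. Object-level grants in master. Only EXECUTE on the two error-log procedures is documented.
SELECT o.name AS master_object, pe.permission_name, pe.state_desc,
       CASE WHEN pe.state = 'G' AND pe.permission_name = 'EXECUTE'
                 AND o.name IN ('xp_enumerrorlogs', 'xp_readerrorlog')
            THEN 'documented' ELSE 'REVIEW' END AS verdict
FROM master.sys.database_permissions AS pe
JOIN master.sys.database_principals AS u ON u.principal_id = pe.grantee_principal_id
JOIN master.sys.all_objects AS o ON o.object_id = pe.major_id
WHERE pe.class = 1 AND u.sid = SUSER_SID(@LoginName);
```

A DENY or a grant made WITH GRANT OPTION also shows as REVIEW, because only plain grants (state G) match the documented set.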
