Is it possible to create a group policy that sets the "remote connections"
property that exists in the SQL Server Surface Area Configuration applet?
How? :-)
Thanks,
JoeNo. This is also something you do NOT want to do. If you could create
this, it would mean that every single SQL Server instance, including the
various SQL Server Express instances installed with thousands of different
applications would automatically be able to receive inbound connections from
remote clients. This was a very specific security issue that was addressed
in this version. All you have to do is to look up the Slammer worm and
you'll understand why you only want those instances which need to service
client connections able to do so.
Mike
http://www.solidqualitylearning.com
Disclaimer: This communication is an original work and represents my sole
views on the subject. It does not represent the views of any other person
or entity either by inference or direct reference.
"Joe" <jwdaigle@.nospam.nospam> wrote in message
news:Ow0cVf8KGHA.3396@.TK2MSFTNGP10.phx.gbl...
> Is it possible to create a group policy that sets the "remote connections"
> property that exists in the SQL Server Surface Area Configuration applet?
> How? :-)
> Thanks,
> Joe
>|||And if I wanted to ensure that it was never set to allow remote connections?
"Michael Hotek" <mike@.solidqualitylearning.com> wrote in message
news:uGopFv$KGHA.3264@.TK2MSFTNGP11.phx.gbl...
> No. This is also something you do NOT want to do. If you could create
> this, it would mean that every single SQL Server instance, including the
> various SQL Server Express instances installed with thousands of different
> applications would automatically be able to receive inbound connections
> from remote clients. This was a very specific security issue that was
> addressed in this version. All you have to do is to look up the Slammer
> worm and you'll understand why you only want those instances which need to
> service client connections able to do so.
> --
> Mike
> http://www.solidqualitylearning.com
> Disclaimer: This communication is an original work and represents my sole
> views on the subject. It does not represent the views of any other person
> or entity either by inference or direct reference.
>
> "Joe" <jwdaigle@.nospam.nospam> wrote in message
> news:Ow0cVf8KGHA.3396@.TK2MSFTNGP10.phx.gbl...
>
>|||Hi Joe,
Welcome to use MSDN Managed Newsgroup Support. And thank Michael's great
help!
As Michael stated, it does not mean that never set to allow remote
connection. You can allow remote connection for those instance you want to.
By default, only Enterprise, Standard and Workgroup editions allow remote
client connection.
If you have any questions or concerns, don't hesitate to let me know. We
are here to be of assistance!
Sincerely yours,
Wei Lu
Microsoft Online Partner Support
========================================
==============
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
========================================
=============
This posting is provided "AS IS" with no warranties, and confers no rights.|||So then it is not possible to ensure that "allow remote client connections"
is disabled via group policy? Thats too bad, because it requires me to
manually check systems for compliance.
Ok, thank you both for your help.
Joe
"Wei Lu" <t-weilu@.online.microsoft.com> wrote in message
news:Ap4y3JHLGHA.3052@.TK2MSFTNGXA01.phx.gbl...
> Hi Joe,
> Welcome to use MSDN Managed Newsgroup Support. And thank Michael's great
> help!
> As Michael stated, it does not mean that never set to allow remote
> connection. You can allow remote connection for those instance you want
> to.
> By default, only Enterprise, Standard and Workgroup editions allow remote
> client connection.
> If you have any questions or concerns, don't hesitate to let me know. We
> are here to be of assistance!
> Sincerely yours,
> Wei Lu
> Microsoft Online Partner Support
> ========================================
==============
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> ========================================
=============
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
>|||You are welcome, Joe.
Sincerely yours,
Wei Lu
Microsoft Online Partner Support
========================================
==============
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
========================================
=============
This posting is provided "AS IS" with no warranties, and confers no rights.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment