"Job Lot" < XXXX@XXXXX.COM > ha scritto nel messaggio
a MSDE instance can be easly registered as a linked server or in EM, from
remote (as long as the required network protocols are enabled) or local pc,
or using third party tools... as long as login privileges are set to the
logged user or a valid SQL Server login is known...
to access the databases, another issue must be granted (quite easy), that's
to say the logged user (login) is mapped to a valid database user...
if the login (both NT [trusted connections] or SQL Server [requiring "user"
and "pwd" credentials]) is member of WinNT administrators group (and thus)
or sysadmins server roles, he/she can actually do whatever he/she wants as
that membership grants illimitate privileges...
this design is part of the SQL Server security and can not be cut... so you
have to grant minimal privileges (server side) to logins in order to allow
only to specific logins the ability to access you databases..
a good article about security model is presented at
Andrea Montanari (Microsoft MVP - SQL Server)
DbaMgr2k ver 0.9.1 - DbaMgr ver 0.55.1
(my vb6+sql-dmo little try to provide MS MSDE 1.0 and MSDE 2000 a visual
--------- remove DMO to reply