Name:
Guest database users
Platform:
Sqlserver
Category:
Security
Premium package:
Security and compliance package
Description:
Checks that CONNECT permission (in every non system database) are revoked for the guest user.
Long description:
Checks that CONNECT permission (in every non system database) are revoked for the guest user so that a login is not able to access database information without being mapped to a database user explicitly.
Version:
1.2
Default schedule:
12 1 1 *
Requires engine install:
Yes
Compatibility tag:
[CDATA[.[type=‘instance’ & databasetype=‘sqlserver’]/instance[maj_version > ‘2005’ & hasengine=‘YES’ & eng_inst_priv = 0 & (engine_edition = ‘Microsoft SQL Server’ | engine_edition = ‘Azure SQL Managed Instance’)
Parameters
Name
Default value
Description
return status
1
Return status value (ALARM – 2, WARNING – 1, or OK – 0) when CONNECT permission for the guest (in all non system databases) are not revoked.
revoke CONNECT
NO
If set to “YES” the alert will revoke “CONNECT” permission for guest user in every non system database by running “REVOKE CONNECT FROM guest”.
history threshold
365
The maximum number of days to keep statistics for in the historic tables.
← Instance Authentication Mode / Number of ERRORLOG files →
Feedback
× Thanks for your feedback.
Post your comment on this topic.