| Name: |
Password expiration (sysadmin) |
| Platform: |
Sqlserver |
| Category: |
Security |
| Premium package: |
Security and compliance package |
| Description: |
Checks that CHECK_EXPIRATION option is set to ‘ON’ for all SQL authenticated logins within the sysadmin role. |
| Long description: |
Checks that CHECK_EXPIRATION option is set to ‘ON’ for all SQL authenticated logins within the sysadmin role. |
| Version: |
1.2 |
| Default schedule: |
20 1 1 * |
| Requires engine install: |
Yes |
| Compatibility tag: |
[CDATA[.[type=‘instance’ & databasetype=‘sqlserver’]/instance[maj_version > ‘2005’ & hasengine=‘YES’ & eng_inst_priv = 0 & (engine_edition = ‘Microsoft SQL Server’ | engine_edition = ‘Azure SQL Managed Instance’) |
| Parameters |
|
|
| Name |
Default value |
Description |
| return status |
1 |
Return status value (ALARM – 2, WARNING – 1, or OK – 0) when CHECK_EXPIRATION option is set to “OFF”. |
| enable check expiration |
NO |
If set to “YES” the alert will alter the login by running “ALTER LOGIN |
| history threshold |
365 |
The maximum number of days to keep statistics for in the historic tables. |
← Remote access / Scan for startup procs →
Feedback
Thanks for your feedback.
Post your comment on this topic.