Name:
Public server role
Platform:
Sqlserver
Category:
Security
Premium package:
Security and compliance package
Description:
Checks if extra permissions have been granted to the public server role.
Long description:
Checks if extra permissions have been granted to the public server role. Every SQL Server login belongs to the public role and cannot be removed from this role.
Version:
1.2
Default schedule:
22 1 1 *
Requires engine install:
Yes
Compatibility tag:
[CDATA[.[type=‘instance’ & databasetype=‘sqlserver’]/instance[maj_version > ‘2005’ & hasengine=‘YES’ & eng_inst_priv = 0 & (engine_edition = ‘Microsoft SQL Server’ | engine_edition = ‘Azure SQL Managed Instance’)
Parameters
Name
Default value
Description
return status
1
Return status value (ALARM – 2, WARNING – 1, or OK – 0) when extra permissions have been granted to the public server role.
revoke extra permission
NO
If set to “YES” the alert will revoke extra permission from the public server role by running “REVOKE FROM public”.
history threshold
365
The maximum number of days to keep statistics for in the historic tables.
← Scan for startup procs / Orphaned database users →
Feedback
× Thanks for your feedback.
Post your comment on this topic.