Name:
Windows LOCAL groups
Platform:
Sqlserver
Category:
Security
Premium package:
Security and compliance package
Description:
Checks that Windows LOCAL groups are not SQL Logins.
Long description:
Checks that Windows LOCAL groups are not SQL Logins. These groups should not be used for any level of access into a SQL Server Database Engine instance.
Version:
1.2
Default schedule:
33 1 1 *
Requires engine install:
Yes
Compatibility tag:
[CDATA[.[type=‘instance’ & databasetype=‘sqlserver’]/instance[maj_version > ‘2005’ & hasengine=‘YES’ & eng_inst_priv = 0 & (engine_edition = ‘Microsoft SQL Server’ | engine_edition = ‘Azure SQL Managed Instance’)
Parameters
Name
Default value
Description
return status
1
Return status value (ALARM – 2, WARNING – 1, or OK – 0) when Windows LOCAL groups is a SQL Login.
disable login
NO
If set to “YES” the alert will disable the login by running “ALTER LOGIN
history threshold
365
The maximum number of days to keep statistics for in the historic tables.
← Symmetric Key encryption / Renamed sa account →
Feedback
× Thanks for your feedback.
Post your comment on this topic.