Ole Automation Procedures


Job details

Name: Ole Automation Procedures
Platform: Sqlserver
Category: Security
Premium package: Security and compliance package
Description: Checks whether OLE Automation objects can be instantiated within Transact-SQL batches.
Long description: Checks whether OLE Automation objects can be instantiated within Transact-SQL batches which allow SQL Server users to execute functions external to SQL Server.
Version: 1.2
Default schedule: 18 1 1 *
Requires engine install: Yes
Compatibility tag: .[type=‘instance’ & databasetype=‘sqlserver’]/instance[maj_version > ‘2005′ & hasengine=‘YES’ & eng_inst_priv = 0 & (engine_edition = ‘Microsoft SQL Server’ engine_edition = ‘Azure SQL Managed Instance’)]

Parameters

Name Default value Description
return status 1 Return status value (ALARM – 2, WARNING – 1, or OK – 0) when the “Ole Automation Procedures” parameter is enabled.
disable Ole Automation Procedures NO If set to “YES“ the alert will disable “Ole Automation Procedures” (if it is enabled) by running sp_configure stored procedure.
history threshold 365 The maximum number of days to keep statistics for in the historic tables.

Job Summary

SELECT value_in_use FROM sys.configurations WHERE name = 'Ole Automation Procedures';

Job Details

Implementation Components

Table: Dependency Overview

Object Type Description
dbw_ole_automation_procedures_proc Main procedure Manages the core checking and logging
dbw_ole_automation_procedures_status_info Current status table Stores current activation status
dbw_ole_automation_procedures_status_histr History table Aggregates and archives data over time

Operational Logic

Exception Handling

Reporting and Monitoring

By continuously checking and managing the OLE Automation Procedures, this dbWatch job plays an essential role in maintaining system security and operational integrity, enabling database administrators to have fine control over database configurations.