Powershell Password Encryption & Decryption

One of the common task in PowerShell script design and execution is credential encryption requirement. Some privileged account is used and its credential need to pass to the script in order to access resources. It becomes crucial especially when the execution tasks are being delegated to other users or being automated. As storing the password as clear text is huge security risk and the last thing desired, here in this blog post we discuss a few options on storing the credential securely.

SQL Security Delegation With Grant Option and db_securityadmin

If you are a database administrator and intend to delegate some database security permission tasks to another user, there are a few ways to achieve this in SQL Server. There are fixed database roles like db_securityadmin and With Grant Option permission method. It is important to understand how it works and watch out some of their interesting behaviors.

SQL Server Locked Out - Sysadmin Access

You are newly hired and you found out the previous DBA who manage the database left without informing anyone the sa account password, and there is no way to reach him. SQL login or Windows user accounts with sysadmin privilege were disabled or removed intentionally or accidentally. What to do now?

SQL Server Default Sysadmin

We discussed about service account and per-service SID used by SQL Server and other components in our last post. During SQL Server installation, the process also automatically created a few logins and some of them are assigned with sysadmin fixed server role.

SQL Server Service Account and Per-Service SID

Starting from Windows Vista and Windows Server 2008, some enhancements have been implemented to  tighten ('harden') system service resource accessibility and privilege isolation. Per-service SID are introduced to enable service to run without a high privilege service account, and isolate service resource access from other service.