Friday, January 9, 2009

SQL Server 2005 Surface Area Configuration Tool

An important security improvement in Microsoft SQL Server 2005 is that various of its features that could be potentially susceptible to security risks are turned off by default.

One of these features is that the built-in administrator of the machine on which SQL Server 2005 is installed, it is not automatically included in the SQL Server Administrators (SysAdmin role).

In the case you want to change this setting, you have to use the SQL Server 2005 Surface Area Configuration tool.

This tool can be found within the "Microsoft SQL Server 2005" program group (Configuration Tools --> SQL Server Surface Area Configuration) in Start Menu --> Programs.

When running the tool, you have to select "Add New Administrator". Then you will be presented the available SQL Server privileges which you can grant to your Windows user. Such privileges can be SQL Server SysAdmin role, Analysis Services Administrator role, etc.

Additionally you can use the Surface Area Configuration Tool for SQL Server Services, Connections and Features.

In SQL Server 2008 the Surface Area Configuration tool has been removed. The features of the tool have been replaced and enhanced by the powerful Policy-Based Management features.

A future post will explain in detail the Policy-Based Management Framework in SQL Server 2008.

For more information on using Policy-Based Management in Microsoft SQL Server 2008 you can visit the following Microsoft TechNet link:
Check out my latest eBook on SQL Server:
Tuning SQL Server - Ebook

Easily secure your SQL Server instances! Try out DBA Security Advisor!
DBA Security Advisor for SQL Server by SQLArtBits
DBA Security Advisor was developed by SQLArtBits. The tool was being carefully developed for an entire year and it contains comprehensive security checks and recommendations based on proven SQL Server security best practices. Feel free to download and use the Community Edition which is free and if you find it useful, you can consider upgrading to the Enterprise Edition!

Artemakis Artemiou [MVP]

Author & Editor

Artemakis Artemiou is a Senior SQL Server Architect, Software Developer and Microsoft Data Platform MVP. He is also an author, regular blogger, president of Cyprus.NET User Group and CY Country leader of INETA-EU. He is also the creator of DBA Security Advisor and In-Memory OLTP Simulator. Artemakis is a frequent guest author of worldwide well-respected online journals where he writes articles focusing on many SQL Server topics.

Reference: The SQL Server and .NET Hub (