LOGbinder Blog


LOGbinder SP use of SQL Privileges

Thu, 10 Oct 2013 09:33:13 GMT

***This blog post is still important but outdated.  Please see this post for updated least privilege changes.***

Issue

In the blog on www.logbinder.com (Workaround if LOGbinder SP is having SQL database issues), a suggested workaround for insufficient privileges to SharePoint’s SQL databases is to add the LOGbinder service account as a database administrator (DBO). The question arises: How does LOGbinder SP use these elevated privileges?

Access to SharePoint databases

First, it must be understood that LOGbinder SP does not access SharePoint’s SQL databases directly. All access to SharePoint data is through the SharePoint Server Object Model (see http://msdn.microsoft.com/en-us/library/jj164060.aspx). LOGbinder SP does not execute any Transact-SQL commands directly, nor does LOGbinder SP access the SQL database directly to adjust database structure, privileges, and so forth.

The workaround suggested in the above blog is recommended based on troubleshooting in our labs, to address what apparently is a defect in the SharePoint Server Object Model. LOGbinder SP does not then use these elevated privileges to perform other activity.

LOGbinder SP’s use of SharePoint data

Even though LOGbinder SP accesses SharePoint through its object model, a secondary question may be: What activity does LOGbinder SP perform in SharePoint? LOGbinder SP’s main activity is to read SharePoint audit logs, as well as to read metadata about SharePoint site collections, lists, libraries, users, groups, and similar entities.

Through the SharePoint Server Object Model, LOGbinder SP does make some changes to SharePoint (the customer specifies these changes in the LOGbinder Control Panel). The changes LOGbinder SP will make to SharePoint include: adding/removing site collection administrators, adjusting audit policy settings for a site collection, adjusting the audit log trimming setting for a site collection, and deleting audit log records. (The documentation for LOGbinder SP contains details on these actions.) So, other than purging old log data and setting audit policy according to configuration settings by the administrator, there is nothing that LOGbinder does that modifies or could corrupt SharePoint content or the SQL database.
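To confirm that only the settings listed above change on your farm, you can snapshot them per site collection and compare later runs against that baseline. The script below is an added example, not LOGbinder's code; it assumes an elevated SharePoint Management Shell on a farm server, and the function name and baseline path are placeholders.

```powershell
# Added example: record the per-site-collection settings the post says
# LOGbinder SP can change, then diff later runs against the saved baseline.
# Assumption: run in an elevated SharePoint Management Shell on a farm server.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Get-SiteAuditBaseline {   # hypothetical helper name
    foreach ($site in Get-SPSite -Limit All) {
        try {
            [pscustomobject]@{
                Url                  = $site.Url
                # Audit policy for the site collection (SPAuditMaskType flags)
                AuditFlags           = $site.Audit.AuditFlags.ToString()
                # Audit log trimming settings, stored as strings so they
                # compare cleanly against values read back from CSV
                TrimAuditLog         = "$($site.TrimAuditLog)"
                TrimRetentionDays    = "$($site.AuditLogTrimmingRetention)"
                # Site collection administrators, sorted for a stable diff
                SiteCollectionAdmins = ($site.RootWeb.SiteAdministrators |
                                        ForEach-Object { $_.LoginName } |
                                        Sort-Object) -join ';'
            }
        }
        finally {
            $site.Dispose()   # release the SPSite and its RootWeb
        }
    }
}

$baselinePath = 'C:\Temp\sp-audit-baseline.csv'   # placeholder path
$current = Get-SiteAuditBaseline

if (Test-Path $baselinePath) {
    # '<=' rows are the baseline values, '=>' rows are the current values
    $previous = Import-Csv $baselinePath
    Compare-Object $previous $current -Property Url, AuditFlags,
        TrimAuditLog, TrimRetentionDays, SiteCollectionAdmins |
        Sort-Object Url | Format-Table -AutoSize
}
else {
    $current | Export-Csv $baselinePath -NoTypeInformation
}
```

Any difference that does not match what was configured in the LOGbinder Control Panel is worth tracing to the account that made it.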

