patternsqlMinor
Turning OFF CHECK_POLICY by default
Viewed 0 times
turningdefaultoffcheck_policy
Problem
We moved from SQL Server 2000 to SQL Server 2005. The client software, which I can not change, creates a user without option
After creating a user, I have to run the command
Disable the policy, as recommended, I can not.
Is it possible to disable the default
CHECK_POLICY = OFF;After creating a user, I have to run the command
ALTER LOGIN username WITH CHECK_POLICY = OFF;Disable the policy, as recommended, I can not.
Is it possible to disable the default
CHECK_POLICY that without her CREATE LOGIN user created with CHECK_POLICY = OFF?Solution
You do it with a DDL Trigger that captures the DDL event for
CREATE LOGINCREATE TRIGGER PolicyStuff
ON ALL SERVER
FOR CREATE_LOGIN
AS
SET NOCOUNT ON;
IF EVENTDATA().value('(/EVENT_INSTANCE/LoginType)[1]','nvarchar(100)') = 'SQL Login'
BEGIN
DECLARE @sql nvarchar(1000) = 'ALTER LOGIN ' + QUOTENAME(EVENTDATA().value('(/EVENT_INSTANCE/ObjectName)[1]','nvarchar(max)')) + ' WITH CHECK_POLICY = OFF;';
EXEC(@sql);
END
GO
CREATE LOGIN foo WITH PASSWORD='C-mplex654Password', CHECK_POLICY=ON;
GO
SELECT SL.name, SL.is_policy_checked FROM sys.sql_logins SL WHERE SL.name = 'foo'
GO
DROP LOGIN foo
GOCode Snippets
CREATE TRIGGER PolicyStuff
ON ALL SERVER
FOR CREATE_LOGIN
AS
SET NOCOUNT ON;
IF EVENTDATA().value('(/EVENT_INSTANCE/LoginType)[1]','nvarchar(100)') = 'SQL Login'
BEGIN
DECLARE @sql nvarchar(1000) = 'ALTER LOGIN ' + QUOTENAME(EVENTDATA().value('(/EVENT_INSTANCE/ObjectName)[1]','nvarchar(max)')) + ' WITH CHECK_POLICY = OFF;';
EXEC(@sql);
END
GO
CREATE LOGIN foo WITH PASSWORD='C-mplex654Password', CHECK_POLICY=ON;
GO
SELECT SL.name, SL.is_policy_checked FROM sys.sql_logins SL WHERE SL.name = 'foo'
GO
DROP LOGIN foo
GOContext
StackExchange Database Administrators Q#43321, answer score: 6
Revisions (0)
No revisions yet.