Options

Credentials for monitoring a server

MarkusMarkus Posts: 26 Bronze 2
edited July 15, 2016 5:22AM in SQL Monitor Previous Versions
I have a question.

When setting up a new server to be monitored what exact rights are required for a Domain account to monitor:

A server, and to monitor a SQL Server within SQL Server.

Right now I have admin rights and 'sa' rights assigned to the userids but our Internal audit is asking if any specific rights can be assigned that are lower than the current high elevation rights. I cannot seem to find anything in the documentation that speaks to this.
· Share on Twitter

Comments

  • Options
    Alex BAlex B Posts: 1,132 Diamond 4
    Hi Markus,

    Please see the requirements documentation here under Monitoring host Windows machines and Monitoring SQL Server instances. These are the permissions we indicate are required. I believe several customers have found the specific permissions needed for each data collection method (i.e. the permissions needed so these tests pass) for monitoring the host machine instead of requiring administrator privileges but we don't have a list of these or how to implement them.

    I hope this helps!

    Kind regards,
    Alex
    Product Support Engineer | Redgate Software

    Have you visited our Help Center?
    · Share on Twitter
  • Options
    MartyDonMartyDon Posts: 1
    Good day

    Question that I would like to know.
    I have followed the links to the documentation and some companies we monitor will not allow the account that we are using (created for redgate monitoring purposes) to be added to the sysadmin role.

    https://documentation.red-gate.com/disp ... ermissions

    I wanted to know anyone has used a script before to create this?

    Thanks
    Marty
    · Share on Twitter
  • Options
    Alex BAlex B Posts: 1,132 Diamond 4
    Hi Marty,

    I'm not sure I understand what you are referring to by 'to create this'? Are you referring to creating the user without sysadmin privileges or a script to enable the deadlock trace flag manually so it doesn't need sysadmin privileges? The former you would just not add it to the sysadmin role. For the latter you would use 
    DBCC TRACEON (1222, -1)
    (the -1 makes it global). This will only last until SQL Server is restarted so you may need to look into startup parameters to have it enabled each time SQL Server starts. To disable it it's just 
    DBCC TRACEOFF(1222, -1)
    .

    If I've misunderstood please let me know!

    Kind regards,
    Alex
    Product Support Engineer | Redgate Software

    Have you visited our Help Center?
    · Share on Twitter
Sign In or Register to comment.