Manualshelf

Specifications

ManualsBrandsMicrosoft ManualsSoftwareSQL Server 2008 R2
51525354555657585960
Managing Utility Administration Settings CHAPTER 2 37
The Security Tab
From a security and authorization perspective, there are two security roles associated with a
UCP. The rst role is the Utility Administrator, and the second role is the Utility Reader. The
Utility Administrator is ultimately the “superuser” who has the ability to manage any setting
or view any dashboard or viewpoint associated with the UCP. For example, a Utility Admin-
istrator can enroll instances, manage settings in the Utility Administration node, and much
more. The second security role is the Utility Reader, which has rights to connect to the SQL
Server Utility, observe all viewpoints in Utility Explorer, and view settings on the Utility Ad-
ministration node in Utility Explorer.
You can use the Security tab in the Utility Administration node of Utility Explorer to view
and provide Utility Reader privileges to a SQL Server login. By default, logins that have
sysadmin privileges on the instance running the UCP automatically have full administrative
privileges over the UCP. A database administrator must use a combination of both Object Ex-
plorer and the Security Tab in Utility Administration to add or modify login settings afliated
with the UCP.
For example, the following steps grant a new user the Utility Administrator role by creating
a new SQL Server login that uses Windows Authentication:
1. Open Object Explorer in SSMS, and expand the folder of the server instance that is
running the UCP in which you want to create the new login.
2. Right-click the Security folder, point to New, and then select Login.
3. On the General page of the Login dialog box, enter the name of a Windows user in the
Login Name box.
4. Select Windows Authentication.
5. On the Server Roles page, select the check box for the sysadmin role.
6. Click OK.
By default, this user is now a Utility Administrator, because he or she has been granted the
sysadmin role.
The next example will grant a standard SQL Server user the Utility Reader read-only privi-
leges for the SQL Server Utility dashboard and viewpoints.
1. Open Object Explorer in SSMS, and expand the folder of the server instance that
is running the UCP in which you want to create the new login. For this example,
SQL2K8R2-01\test2 will be used.
MORE INFO Review the article “CREATE LOGIN (Transact-SQL)” at the following link
for a refresher on how to create a login in SQL Server: http://technet.microsoft.com
/en-us/library/ms189751.aspx.
2. Right-click the Security folder, point to New, and then select Login.