As you might already know, security was a high priority for this release of SQL Server. Each individual in the SQL Server organization spent an enormous amount of time on security-related efforts. One thing that became clear during the security reviews and planning was that too many features in SQL Server were enabled by default. An effort was launched in the SQL Server organization to correct this and was called, appropriately enough, "Off By Default." One result of these efforts is the Surface Area Configuration Wizard. To open the Surface Area Configuration Wizard, select Microsoft SQL Server 2005, Configuration Tools, SQL Server Surface Area Configuration from the Start menu. Figure 2.6 shows the Surface Area Configuration Wizard. Figure 2.6. Configure the security surface area of your serverYou can choose one of two types of settings, as listed at the bottom of the screen shown in Figure 2.6 and discussed in the following sections.
Surface Area Configuration for Services and ConnectionsLet's first take a look at the configurations for services and connections. Ensure that the Integration Services service is running and the startup type is Automatic. Also, be aware of the Remote Connections setting in the Database Engine node. It's often the source of problems with connecting remotely. In general, you should be aware of all the features and settings that are impacted by this wizard. You might be scratching your head trying to figure out why something won't work until you realize it's off by defaultmore than a few users have been bitten by this! Figure 2.7 shows the Surface Area Configuration for Services and Connections dialog box. Figure 2.7. Configure services and connections that are off by defaultNote Occasionally, Integration Services fails to establish connections to SQL Server, even when on the same machine as the server. In case SQL Server Integration Services (SSIS) fails to connect, check the SAC Enable Remote Connection setting. Surface Area Configuration for FeaturesAs you can see in Figure 2.8, the Surface Area Configuration for Features dialog box allows you to turn off potentially vulnerable features in the Database Engine, Analysis Services, and Reporting Services. Figure 2.8. Configure features that are off by defaultAgain, you should become familiar with those features that have been disabled. You should get a descriptive error alerting you to the fact that the features are turned off. In the absence of such an error, a good first step is to double check the Surface Area Configuration Wizard to see if the feature you're trying to use is enabled. |