SQL Server Installation Recommendations


If you are building a new database server from scratch, there are a number of considerations to take into account before installing SQL Server. Also, it is a good idea to perform a custom installation of SQL Server so you can select the most secure installation options.

Before Running SQL Server Setup

Before you run the SQL Server setup program, check the following items:

  • Create a least privileged local account with which to run the SQL Server service. Use this account when you are prompted for service settings during setup. Do not use the local system account or an administrator account.

  • Make sure you do not install SQL Server on a domain controller.

  • Make sure you install SQL Server on a partition formatted with NTFS.

  • Install SQL Server program and database files on a non-system volume, separate from the operating system.
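The four checks above can be run as a preflight script on the target host before starting setup. This is an added example, not code from the book; the account name `svc_sql` and the drive `D:` are hypothetical defaults, and it assumes Windows PowerShell 5.1 or later with the built-in LocalAccounts and CIM cmdlets.

```powershell
# Added example: preflight check for the pre-setup items listed above.
# Parameter names and default values are assumptions; set them for your host.
param(
    [string]$ServiceAccount = 'svc_sql',  # hypothetical local service account
    [string]$InstallDrive   = 'D:'        # hypothetical target volume for SQL Server
)

$results = [ordered]@{}

# 1. Service account: a local account that is not in the local Administrators group.
#    S-1-5-32-544 is the well-known SID of BUILTIN\Administrators.
$user    = Get-LocalUser -Name $ServiceAccount -ErrorAction SilentlyContinue
$admins  = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction SilentlyContinue
$isAdmin = $admins.Name -contains "$env:COMPUTERNAME\$ServiceAccount"
$results['Local service account exists']            = [bool]$user
$results['Service account is not an administrator'] = -not $isAdmin

# 2. Host role: DomainRole 4 (backup DC) or 5 (primary DC) means a domain controller.
$role = (Get-CimInstance -ClassName Win32_ComputerSystem).DomainRole
$results['Host is not a domain controller'] = $role -notin 4, 5

# 3. Target volume is formatted with NTFS.
$disk = Get-CimInstance -ClassName Win32_LogicalDisk -Filter "DeviceID='$InstallDrive'"
$results['Target volume is NTFS'] = $disk.FileSystem -eq 'NTFS'

# 4. Target volume is not the operating system volume.
$results['Target volume is not the system volume'] = $InstallDrive -ne $env:SystemDrive

# Report each check and return a non-zero exit code if any failed.
$failed = @($results.GetEnumerator() | Where-Object { -not $_.Value })
$results.GetEnumerator() | ForEach-Object {
    '{0,-42} {1}' -f $_.Key, $(if ($_.Value) { 'PASS' } else { 'FAIL' })
}
if ($failed.Count -gt 0) { exit 1 }
```

The script only checks direct membership in the local Administrators group; privileges granted through nested groups or domain policy need a separate review.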

Installing SQL Server

When installing SQL Server on a production server, choose the custom setup option. When you do this, you can selectively choose the items to install. You should not install the items listed in Table 18.2 on a production database server.

Table 18.2: Items Not to Install During Custom Installation

| Tool | Purpose |
|---|---|
| Upgrade tools | Used to upgrade SQL Server 6.5 databases |
| Replication support | Script and binary files used for replication. (Do not install unless you need replication.) |
| Full text search | Full text search engine (Microsoft Search service). Do not install unless you require full text search. |
| Books online | SQL Server documentation |
| Development tools | Headers and library files used by C developers and Microsoft Data Access (MDAC) and XML software development kits (SDKs), and an interface for stored procedure debugging. |
| Code samples | Sample code used to educate developers. |

Also, select Windows authentication mode unless SQL Server authentication is specifically required. Windows authentication offers the following advantages:

  • Existing domain and local security policies can be used to enforce strong passwords and account management best practices.

  • Credentials are not passed over the network.

  • Application database connection strings do not require credentials.

If you select Mixed Mode, create a strong password for the sa account. The sa account is a prime target for password guessing and dictionary attacks.




Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
Year: 2003
Pages: 613
