Environment
Situation
Resolution
SQL 2005 Minimum Privileges for NetIQ SCM compliance checks
SQL login "NetIQ_SCM_agent"
This document describes the configuration procedure required to add a
SQL Server endpoint to NetIQ Secure Configuration Manager
The account that will be used to interrogate the SQL requires access
permissions to the following SQL components.
1. distribution
1. dbo.MSpublication_access
2. dbo.MSpublications
3. dbo.MSsubscription_properties
4. dbo.MSSubscriptions
5. dbo.syspublications
2. master
1. dbo.spt_values
2. dbo.sysdatabases
3. dbo.sysobjects
4. dbo.sysprocesses
5. dbo.sysusers
6. sys.all_objects
7. sys.configurations
8. sys.database_permissions
9. sys.database_principals
10. sys.databases
11. sys.schemas
12. sys.server_principals
13. sys.server_role_members
14. sys.sql_logins
15. sys.sql_modules
16. sys.syscomments
17. sys.triggers
3. msdb
1. dbo.backupfile
2. dbo.backupmediafamily
3. dbo.backupset
4. dbo.syscategories
5. dbo.sysdtspackages
6. dbo.sysjobhistory
7. dbo.sysjobs
8. dbo.sysjobsteps
9. dbo.sysoperators
10. sys.databases
11. sys.linked_logins
12. sys.remote_logins
13. sys.server_principals
14. sys.servers
15. sys.sql_logins
4. Any user defined tables to gather data from -This is a parameter
to checks.
1. dbo.spt_values
2. dbo.sysobjects
3. dbo.sysusers
4. sys.all_objects
5. sys.database_permissions
6. sys.database_principals
7. sys.schemas
8. sys.server_principals
9. sys.server_role_members
10. sys.sql_logins
11. sys.sql_modules
12. sys.syscomments
13. sys.sysobjects
14. sys.sysprotects
15. sys.sysusers
16. sys.triggers