SQL Server Guest Account

Issue

By allowing the Guest account access to your database, you also allow any valid Microsoft® SQL Server™ logon account to have access to that database.

Solution

The security report lists all SQL Server databases that allow access to the Guest account, excluding master, tempdb, and msdb. For security reasons, we recommend that you remove the Guest account access from all other databases listed in the report and delete any sample databases.

Instructions

To remove the Guest account access from databases

1. Click Start, point to Programs, point to Microsoft SQL Server, and then click Enterprise Manager.
2. Double-click Microsoft SQL Servers, and then double-click SQL Server Group.
3. Click the Databases folder, click the database that you want to secure, and then click users.
4. In the right pane, right-click Guest, and then click Delete.

Additional Information

SQL Server Security Strategies

Establishing Application Security and Application Roles

©2002-2004 Microsoft Corporation. All rights reserved.