Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...SQL Server 2005SQL Server 2005
Previous
 
Next
New Post
6/21/2007 10:02 AM
 
Dylan Barber


www.braindice.com
Joined: 4/25/2003
Posts: 715

Okay normally I dont worry about it too much about security - I make regualr backups and figure if something happens I just go back a day change passwords etc. and I am done

My boss doesnt see it that way we are building out a DNN application that has to be fairly secure and I wont be able to go back and lose a day so what is the minimum roles/schema that a DNN install should have for the user that does the heavy lifting

I would like to create a role that handles it but not being a SQL Server 2005 person not sure I am choosing the right things

so I create a database that has all these roles avaialbe
aspnet_Membership_BasicAccess
aspnet_Membership_FullAccess
aspnet_Membership_ReportingAccess
aspnet_Profile_BasicAccess
aspnet_Profile_FullAccess
aspnet_Profile_ReportingAccess
aspnet_Roles_BasicAccess
aspnet_Roles_FullAccess
aspnet_Roles_ReportingAccess
db_accessadmin
db_backupoperator
db_datareader
db_datawriter
db_ddladmin
db_denydatareader
db_denydatawriter
db_owner
db_securityadmin

 

What ones should I have and what ones should I avoid - advice is appreciated

Dylan Barber http://www.braindice.com - Dotnetnuke development classes - skins and modules
 
New Post
6/21/2007 10:16 AM
 
Michael

Joined: 8/4/2004
Posts: 181

Have you consulted the documentation on hardening a DNN installation, its on the list of documents at this location www.dotnetnuke.com/Resources/Documentation/tabid/478/Default.aspx
 
New Post
6/21/2007 1:00 PM
 
Dylan Barber


www.braindice.com
Joined: 4/25/2003
Posts: 715

Yes I have read that and we have done a few of the things in there to help out security but it doenst really address what to do if you cant use Windows Auth in SQL server what roles should the user have to minimize damage someone might cause if they got hold of the username pass in the web.config

And when setting it up for Windows Auth what roles whould i set up the user for

 

Just some good solid advice would be nice

Dylan Barber http://www.braindice.com - Dotnetnuke development classes - skins and modules
 
 Page 1 of 1
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...SQL Server 2005SQL Server 2005


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out