DBAs should create databases, not developers

Say it with me… “Least privileges”. We don’t use the ##MS_DatabaseManager## role (or its twin db_creator), mostly because, well… …because I hold an unpopular opinion: Only DBAs should be able to create, much less assign ownership to, a database. I’ve got 99 problems, but this ain’t one. #SQL #SQLServer #DataArchitecture #DataSecurity

Andreas Wolter

1mo Edited

You probably missed this (I did, too): Privilege escalation vulnerability in SQL Server ##MS_DatabaseManager##-server role found. The doc was updated July 2025. (Updated from Oct as per Microsofts comment here on LinkedIn) (Link https://lnkd.in/gMi5ZeWc) The finder will publish the elevation path soon. For now, all you can do is to make sure you audit & check activities by members. Update: after further investigation I do not recommend using this role in security sensitive environments until there is a fix. See follow up articles

To view or add a comment, sign in

More Relevant Posts

Ralf Dietrich
3w
Report this post
A little more transparency is good – but fixing the bug would be even more desirable? Or will this issue be handled as "by design"? But at least, thanks for documenting it.
Andreas Wolter

SQL Server & Data Platform Security Assessments | Ex-Microsoft PM (Data Security) | MCSM (1 of 7 worldwide) | Founder, Sarpedon Quality Lab (US) → See how the SQL Server Security Assessment works (link below)
1mo Edited

You probably missed this (I did, too): Privilege escalation vulnerability in SQL Server ##MS_DatabaseManager##-server role found. The doc was updated July 2025. (Updated from Oct as per Microsofts comment here on LinkedIn) (Link https://lnkd.in/gMi5ZeWc) The finder will publish the elevation path soon. For now, all you can do is to make sure you audit & check activities by members. Update: after further investigation I do not recommend using this role in security sensitive environments until there is a fix. See follow up articles
Like Comment
To view or add a comment, sign in
DB24

581 followers
6d
Report this post
Are you, or other users, experiencing performance drops at the same time every day? It is a far too common of a problem in many SQL Server environments, without anyone actually understanding WHY it happens in the first place. But there are a few usual suspects to keep a lookout for. Swipe through to see which ones they are. #SQLserver #databaseperformance
Like Comment
To view or add a comment, sign in
Gayathridevi Mukesh
2w
Report this post
What if you could measure your SQL Server health with a single score? 🤔 In most production environments, we check performance issues separatelyblocking, slow queries, CPU usage, job failures… But there’s no simple way to understand overall database health at a glance. So I built this 👇 👉 SQL Server Performance Score System 🔗 https://lnkd.in/eCh7cb7B

GitHub - gayathridevi1993/sqlserverperformancescoresystem: sql-server-performance-score-system github.com
Like Comment
To view or add a comment, sign in
Steve Stedman
1w
Report this post
Don’t let blocking or deadlocks slow your SQL Server. Our video explains their differences and how to troubleshoot them. Watch now: https://lnkd.in/gxzCgwKp https://lnkd.in/gxzCgwKp

PNG IHDR ¢

media.databasehealth.com
Like Comment
To view or add a comment, sign in
Fabio Pennisi
1mo
Report this post
Your SQL Server just froze. Users are screaming. Here's exactly where an experienced DBA looks first - before panic sets in. https://lnkd.in/g6b6tzgm #sqlserver #database #slowdatabase

SQL Server Suddenly Slow - What to Check First https://dataservicesgroup.com.au

1 Comment
Like Comment
To view or add a comment, sign in
Data Services Group

53 followers
1mo
Report this post
Your SQL Server just froze. Users are screaming. Here's exactly where an experienced DBA looks first - before panic sets in. https://lnkd.in/gmnN5fsJ #sqlserver #database #slowdatabase

SQL Server Suddenly Slow - What to Check First https://dataservicesgroup.com.au
Like Comment
To view or add a comment, sign in
Data Services Group

53 followers
3w
Report this post
TempDB ate your disk and your manager is breathing down your neck. Here's how to wrestle it back without taking SQL Server offline. https://lnkd.in/gh4jWE5B #SQLServer

How to Shrink SQL Server TempDB Without Restarting the Instance https://dataservicesgroup.com.au
Like Comment
To view or add a comment, sign in
blendi vangjeli
1mo
Report this post
Successfully deployed a 2 node SQL Server Availability Group with automatic failover and synchronous replication. Best tool for High Availability – SQL Server Always On provides automatic failover, data protection and peace of mind. 😌
Like Comment
To view or add a comment, sign in
wafaa mohamed
2w
Report this post
Why is my SQL Server stuck? Ever had your database "hang" for no reason? No errors, just infinite loading? The cause is often a Forgotten Transaction. Someone started a task but never finished it (No Commit or Rollback). This locks the data and blocks everyone else. The Fix: Use this simple query to find the Block How it helps: ✅ Who: Shows the user name holding the lock. ✅ When: Shows exactly when they started. ✅ Action: Gives you the session_id so you can stop the process and free the database.
10 Comments
Like Comment
To view or add a comment, sign in
sqlfingers inc

108 followers
2w
Report this post
Misaligned Log IOs After Hyper-V Conversion: Cause and Solution Every once in a while, SQL Server hands you an error message you've never seen before. This post is one of those cases. THE ERROR My customer recently converted a physical server to Hyper-V. Shortly after turning everything back on and resuming the logshipping, this started appearing in the SQL Server error log:…..more https://lnkd.in/e-g886aS

Misaligned Log IOs After Hyper-V Conversion: Cause and Solution sqlfingers.com
Like Comment
To view or add a comment, sign in

1,228 followers

524 Posts

View Profile Connect

DBAs should create databases, not developers

More Relevant Posts

Explore content categories