Saturday, June 21, 2014

SQL Credentials SOP

 
"XYZ Company Logo and Address"

STANDARD OPERATING PROCEDURE
DEPARTMENT : " DEPARTMENT NAME

PROCEDURE NO: "PROCEDURE NO."
REVISION : " 0.0"

EFFECTIVE DATE: "DATE"
PAGE NO : 1 OF 1

TITLE : SQL CREDENTIALS SOP

PURPOSE/ SCOPE

To describe SQL credential creation for users to access the SQL database. 

RESPONSIBILITY

  1. Department or site administrator is responsible for submitting approved request to IT
  2. IT Executive is responsible for approving database credential request.
  3. IT Service Engineer/ Data center team / IT help desk team is responsible for implementing this procedure.

MATERIALS AND EQUIPMENT

  1. Desktop or Laptop
  2. SQL Server management Studio
  3. SQL Database

FREQUENCY

  1. As requested.

PROCEDURES

  1. Submit request email to itsupport@yourcompany.com, which will create a ticket in the help desk management software
  2. IT Executive will review the ticket as to whether all necessary details are included, then assign to appropriate team member for account creation.
  3. Assigned IT team member will open SQL Server Management Studio (run as administrator) and connect to appropriate database server/instance and follow the below process:
    1. Right-click the Security folder, point to New, and select Login
    2. In the Login – New dialog box, on the General page, enter the name of a user in the Login name box. If the user is in Active Directory, click Search… to open the Select User or Group dialog box.
    3. If you click Search…:
      Under Select this object type, click Object Types… to open the Object Types dialog box and select any or all of the following: Built-in security principals, Groups, and Users. Built-in security principals and Users are selected by default. When finished, click OK.
    4. Under From this location, click Locations… to open the Locations dialog box and select one of the available server locations. When finished, click OK.
    5. Under Enter the object name to select (examples), enter the user or group name that you want to find. For more information, see Select Users, Computers, or Groups Dialog Box.
    6. Click Advanced… for more advanced search options. For more information, see Select Users, Computers, or Groups Dialog Box - Advanced Page.
      Click OK.
    7. To create a login based on a Windows principal, select Windows authentication. This is the default selection.
      To create a login that is saved on a SQL Server database, select SQL Server authentication.
      In the Password box, enter a password for the new user. Enter that password again into the Confirm Password box.
    8. When changing an existing password, select Specify old password, and then type the old password in the Old password box.
    9. To enforce password policy options for complexity and enforcement, select Enforce password policy.
    10. To enforce password policy options for expiration, select Enforce password expiration. Enforce password policy must be selected to enable this checkbox.
    11. To force the user to create a new password after the first time the login is used, select User must change password at next login. Enforce password expiration must be selected to enable this checkbox. This is a default option when SQL Server authentication is selected.
    12. To associate the login with a stand-alone security certificate, select Mapped to certificate and then select the name of an existing certificate from the list.
    13. To associate the login with a stand-alone asymmetric key, select Mapped to asymmetric key to, and then select the name of an existing key from the list.
    14. To associate the login with a security credential, select the Mapped to Credential check box, and then either select an existing credential from the list or click Add to create a new credential. To remove a mapping to a security credential from the login, select the credential from Mapped Credentials and click Remove.
    15. From the Default database list, select a default database for the login.
    16. From the Default language list, select a default language for the login.
    17. Click OK.
  4. A one-time generic password will be added to the account for first-time log on unless users are in Active Directory.
  5. Assigned IT team member will add the login credentials (if necessary) to the ticket, which will notify the IT Executive and initial requestor that the credentials have been created.
  6. The Help Desk software will send the initial requestor the credentials in the notification email, who will then pass them on to the credential owner.
  7. After the completion of job, the assigned IT team member will close the request in the Help Desk software.
Posted by at