Azure_SQLServers_14

Avoid using names like 'Admin' for an Azure SQL Server Active Directory Administrator account

Description

Configure one Azure Active Directory account, either an individual or Network Security Group account, as an administrator. It is not necessary to configure an Azure AD administrator, but an Azure AD administrator must be configured if you want to use Azure AD accounts to connect to SQL Databases. It is recommended to avoid using names like 'admin' or 'administrator', which are targeted in brute force dictionary attacks.

Remediation

Perform the following in the Azure Console:

  1. Go to SQL Servers
  2. For each SQL Server
  3. Select Active Directory admin
  4. Press Set Admin at the top of the page.
  5. Select the Active Directory user you want to set as AD Admin for the SQL server.
  6. Press Remove admin if not needed.

Default Values:
By default, no AD Administrator is set for the SQL server.
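
An audit sketch for this rule, added here as an example and not part of the original check: it reads per-server administrator records shaped like the output of `az sql server ad-admin list` and flags logins built from the names the description warns about. The sample inventory, server names, status labels and the assumption that each record carries the account name in a `login` field are constructed for illustration.

```python
import json
import re

# Names called out in the description; extend per local policy (assumption).
RISKY_NAMES = {"admin", "administrator"}

def login_is_guessable(login: str) -> bool:
    """True if any alphabetic token of the login's local part is a risky name."""
    local = login.split("@", 1)[0].lower()  # drop the UPN domain, ignore case
    tokens = [t for t in re.split(r"[^a-z]+", local) if t]
    return any(t in RISKY_NAMES for t in tokens)

def audit(servers: dict) -> list:
    """Return (server, status, login) tuples, sorted by server name."""
    findings = []
    for server, admins in sorted(servers.items()):
        if not admins:
            # Default state: no AD administrator configured. Informational only.
            findings.append((server, "NOT_SET", None))
            continue
        for admin in admins:
            login = admin.get("login", "")
            status = "GUESSABLE_NAME" if login_is_guessable(login) else "OK"
            findings.append((server, status, login))
    return findings

# Constructed sample: server name -> list of AD admin records for that server.
SAMPLE = json.loads("""
{
  "sql-prod-01": [{"login": "Admin@contoso.example",
                   "administratorType": "ActiveDirectory"}],
  "sql-prod-02": [{"login": "dba-oncall-group",
                   "administratorType": "ActiveDirectory"}],
  "sql-dev-01":  [{"login": "sql_administrator1",
                   "administratorType": "ActiveDirectory"}],
  "sql-dev-02":  []
}
""")

if __name__ == "__main__":
    for server, status, login in audit(SAMPLE):
        print(f"{server:12} {status:15} {login or '-'}")
```

Matching on whole tokens catches decorated variants such as `sql_administrator1` without flagging unrelated names that merely contain the letters, such as `badminton-club`.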

References:

  1. https://docs.microsoft.com/en-us/azure/sql-database/sql-database-manage-logins

Service

Database Services

Severity

Medium

Compliance

Mapping
