Securing the Administration Database

It is important to lock down the server that hosts the Administration database for your site. When you run Commerce Server Setup, you give the users of that computer full control of the Administration database.

Important

• It is recommended that you secure each Administration table as described in this section to grant the anonymous account the appropriate permissions on each Administration database table.

Although the SQL password for the Administration database login is encrypted in the Windows registry, it is possible for users to gain access to it by using a script that accesses one of these programming objects: SiteConfigReadOnly, SiteConfig, or GlobalConfig. Make sure that users cannot gain access to the computer or run scripts on it after you complete Setup.

SiteConfig and GlobalConfig are registered as COM+ components with security roles. SiteConfigReadOnly, however, does not have a security role and it is available to the public.

You can restrict usage of the SiteConfig and GlobalConfig objects by modifying the access control lists (ACLs) on the registry keys for these object classes. To restrict access to these objects, change the permissions on these objects through the Windows Registry Editor. For instructions, see Changing the Permission on an Administrative Object.

This section contains:

• Securing the SiteConfigReadOnly Object
• Changing Permission on an Administrative Object
• Securing MSCS_Admin Tables
• Securing the ExtendedProps Table
• Securing the Pupdbscripts Table
• Securing the ResourceProps Table
• Securing the Resources Table
• Securing the SiteResources Table
• Securing the Sites Table

Copyright © 2005 Microsoft Corporation.
All rights reserved.