MIP Ideas Portal

Please address "legacy" security issues.

1.  NPSADMIN - Default account created by MIP install is installed with SQL Server SYSADMIN rights.  It is also installed with a default password that seems to be "proprietary" and cannot be changed.  This is a huge security risk.  I should never have to have a vendor user on my SQL Server that has SYSADMIN permissions, especially one that I cannot control the password for.  This is not secure, nor a best practice.

2.  Allow "split" installations.  Having to install an application on my database server is again a security issue, as well as not a best practice.  The installation of the application portion should be able to be installed on an application server, or any server the customer wants to install it on.  I should not be forced to compromise my database server by installing vendor applications.

  • Guest
  • May 17 2019
  • Attach files