000031356 - AAOP: SQL server hardening removing xp_cmdshell

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000031356
Applies ToRSA Product Set: Adaptive Authentication (OnPrem)
RSA Product/Service Type: Adaptive Authentication (OnPrem)
RSA Version/Condition: 7.x
Platform: Windows
Platform (Other): SQL Server
IssueThe xp_cmdshell option is a SQL Server server configuration option that enables system administrators to control whether the xp_cmdshell extended stored procedure can be executed on a system. By default, the xp_cmdshell option is disabled on new installations.  Questions on whether to disable xp_cmdshell come up when customer is looking at hardening their database server.
Resolutionxp_cmdshell is not used by Adaptive Authentication On-Prem and can be disabled.