RE: Question To Test My Sanity

From: Sheehan, Jeremy <JEREMY.SHEEHAN_at_fpl.com>
Date: Thu, 11 Apr 2019 13:19:47 +0000
Message-ID: <d01be7901fe442aebd13cb9d1b93aa98_at_fpl.com>

We can log into the databases from our desktops, but it is filtered through a firewall rules tied through an active directory group. However, direct logging into the servers is not allowed from our desktops. We have to use a "jumpserver" (which requires a different Active Directory ID and a separate RSA token). So yes, when onsite, I have to use a separate ID and RSA token to log into any database server (Windows or 'Nix).

Thanks,

Jeremy

From: oracle-l-bounce_at_freelists.org <oracle-l-bounce_at_freelists.org> On Behalf Of Scott Canaan Sent: Thursday, April 11, 2019 8:06 AM
To: 'oracle-l_at_freelists.org' <oracle-l_at_freelists.org> Subject: Question To Test My Sanity

CAUTION - EXTERNAL EMAIL This is not so much of a technical question, but more of a procedural question.

Here's the back story. Yesterday, we were told by the Windows Sys Admins that they've decided that we (DBAs) are no longer allowed to access databases running on Windows servers directly from our PCs. We now have to remote into another server, called dbatools, and only from there can we directly access databases. They've loaded our tools (TOAD, PL/SQL Developer, SQL Server Management Studio, etc.) on that server and are in the process of removing our IP addresses from the firewalls on the Windows servers, forcing us to use this one server for all of our access.

When I asked why, the only answer I got was "security". What I read into that is "We don't trust you". This is being done without any input from us or any discussion, it's just happening.

The question: Has anyone else run into this kind of setup? Is this a common configuration?

Thank you,

Scott Canaan '88
Sr Database Administrator
Information & Technology Services
Finance & Administration
Rochester Institute of Technology
o: (585) 475-7886 | f: (585) 475-7520
srcdco_at_rit.edu<mailto:srcdco_at_rit.edu> | c: (585) 339-8659 CONFIDENTIALITY NOTE: The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information.

--
http://www.freelists.org/webpage/oracle-l

Received on Thu Apr 11 2019 - 15:19:47 CEST

This message: [ Message body ]
Next message: Kellyn Pot'Vin-Gorman: "Re: Question To Test My Sanity"
Previous message: Kellyn Pot'Vin-Gorman: "Re: Databases on AWS EC2"
In reply to: Scott Canaan: "Question To Test My Sanity"
Next in thread: Kellyn Pot'Vin-Gorman: "Re: Question To Test My Sanity"
Reply: Kellyn Pot'Vin-Gorman: "Re: Question To Test My Sanity"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message