Skip to content

Ensure 'Ole Automation Procedures' Server Configuration Option is disabled


The Ole Automation Procedures option controls whether OLE Automation objects can be instantiated within Transact-SQL batches. These are extended stored procedures that allow SQL Server users to execute functions external to SQL Server.


Enabling this option will increase the attack surface of SQL Server and allow users to execute functions in the security context of SQL Server.

Applies To

  • Databases


This rule is applied when the following tags are present:

Tag With Value
secureclouddb/provider aws
secureclouddb/service rds
secureclouddb/engine sqlserver

Default Rule

const { checkServerSetting } = module
 * @param {Object} databaseSettings - database settings object
 * @returns {boolean} true if 'Ole Automation Procedures' is set to 0
function validate(databaseSettings) {
    const success = checkServerSetting(databaseSettings, 'Ole Automation Procedures', "0")

    return {