Create Database Role Via T-SQL
Feb 23, 2008
I have created the functionality to dynamically create databases and am now trying to figure out how to create database roles using T-SQL.
I keep finding information about the sp_addrole stored procedure which is the first step, but how do you go about defining what permissions this role has via T-SQL?
Thanks
View 3 Replies
ADVERTISEMENT
Mar 22, 2007
Hi,
I want my application to create database and I do the following things:
1)Create application role
2)Grant create database to application role
3)Activate application role
4)Create database
and I get the answer:
CREATE DATABASE permission denied in database 'master'.
View 1 Replies
View Related
Jan 7, 2004
Hi,
I hv an application which is using ASP.net. The connectionstring in web.config is
<appSettings>
<add key = "constring" value = "Initial Catalog=mydatabase;Data Source=mypc-pc;User ID=User1; Password=password1"/>
</appSettings>"
Then, i hv created a user in SQL Server 2000 which is User1. What should i put for the database role? db_owner or just db_datareader and db_datawriter?
pls help.
Thnx
View 4 Replies
View Related
Jan 9, 2006
In sql server 2000, I created some custom database roles called ProjectLeader and Developer. I would make these roles a member in the fixed database roles so that I would only have to add the user to the ProjectLeader or Developer role once and they would presto-magico have the security I wanted them to have with no unecessary mouse clicking. I'm not sure how to repeat this process in 2005? Management Studio doesn't seem to allow you to add a role as a member in another role. Is there a work around or solution for this?
View 1 Replies
View Related
May 18, 2007
Ive been reading over the documentation and some stuff online, but I still dont really understand what the difference is and when you would use one vs the other. Can someone put it in simple terms for this dummy (me) ?
thanks
View 2 Replies
View Related
Feb 29, 2008
Hi,
I have SQL server 2005 (Developer edition) installed and I want to add a database role to a database role. It is working on my SQL 2000 server,however, when I tried to do the same thing on SQL2005, It didn't allowed me.
When I go to the Add role and then adding members to the role, the browse screen does not allow me the choice of object type Roles. It only shows me "Users".
Can someone please help me with this and provide me some information of how / what should I set to get the Roles in object types list so I can add a role to a role.
Thanks
View 4 Replies
View Related
Jul 20, 2007
I use the following script in order to create db role:
USE [MyDB]GOCREATE ROLE [myRole] AUTHORIZATION [public]GO
It doesn't work:
Msg 15405, Level 16, State 1, Line 1
Cannot use the special principal 'public'.
However this code works fine:
USE [MyDB]GOCREATE ROLE [myRole] AUTHORIZATION [dbo]GOALTER AUTHORIZATION ON ROLE::[myRole] TO [public]GO
So the question is why?
View 6 Replies
View Related
Aug 23, 2002
I get the following errors associated with trying to create an SP.
Server: Msg 170, Level 15, State 1, Procedure AddFortuneUser, Line 8
Line 8: Incorrect syntax near '@newuser'.
Server: Msg 137, Level 15, State 2, Line 1
Must declare the variable '@newuser'.
Can anyone explain why I have to do a declare.
I suspect I have to issue "declare @newuser sysname" somewhere but I'm not sure why.
The following is the code I'm trying to run.
My intent would be to create a form for the Admin Clerk that would call this SP. That way they can create a generic login. They have an application that allows them to change the password after the fact.
/*
Created for Admin person to allow them to add a basic SQL Login Account
forcing the user to be a member of a specific role 'helmsman'
in a specific database 'Fortune'
*/
CREATE PROCEDURE AddFortuneUser
@newuser char(128)
AS
EXEC master..sp_addlogin @loginame=@newuser, @passwd =substring(@newuser,1,8), @defdb =Fortune
GO
if not exists (select * from dbo.sysusers where name = @newuser and uid < 16382)
EXEC sp_grantdbaccess @loginame=@newuser, @name_in_db=@newuser
GO
exec master..sp_addrolemember @rolename ='helmsman', @membername =@newuser
GO
View 1 Replies
View Related
Jul 10, 2007
Hi, dear friends,
Just found that I am not able to ignore the name column property for role-palying dimension even though I only select one of the key columns for this dimension in the mining structure where the role-playing dimension is used? E.g I have a fact table (which is the case table for the mining structure) which is related to the role-playing date dimension. The schema is as following:
Dim_event_day_time_key
Dim_carrier_day_time_key
Dim_domain_day_time_key
.....................................
and other attibutes in the fact table.
When I dragged the 'hours' attribute from the dim_day_time table to the mining structure, if I left the key columns of 'Hours' as the above 3 columns, then I have to select a name column, by then I dont have a name column in the dimension table yet. Therefore I want to jsut select one key column as the key of that role-playing dimension in the mining structure, but then I am not able to ignore the 'name column' property as it still always asks me to select the 'name column' for that.
Therefore my question is: we are not allowed to select only one key columns in the mining structure for the role-playing dimension? And we will have to always go to the data source view to create a named calculation as the new column for the role-playing dimension?
Hope my question is clear for your advices and I am looking forward to hearing from you shortly.
Thanks a lot in advance.
With best regards,
Yours sincerely,
View 1 Replies
View Related
May 11, 2015
Need to create a user defined role with grant permissions for below .
View Definition
Execute all Function
Grant View
Grant Synonym
dbo
View Definition
Not getting grant statements for above permissions.
I mean like below.
-----------------------------------------------------------------
CREATE ROLE [Role1]
GRANT EXECUTE ON SCHEMA ::dbo TO [Role1]
-----------------------------------------------------------------
View 1 Replies
View Related
May 9, 2008
Can anyone help me with this? The objective is to allow an application user (with db_datareader & db_datawriter database roles assigned) to be able to create tables in the assigned schema (dbo) via a new role.
-- Create User
use master
go
create login DBA with password='xx', CHECK_EXPIRATION=ON, CHECK_POLICY=ON
use AdventureWorks
go
create user dba from login DBA
alter user dba with DEFAULT_SCHEMA=dbo
go
-- Create Role
use AdventureWorks
go
create role sp_ddl_role AUTHORIZATION dbo
grant CREATE TABLE to sp_ddl_role
-- assign user to Role
use AdventureWorks
go
exec sp_addrolemember sp_ddl_role, dba
go
-- Create Table statement then run with following error
Error:
Msg 2760, Level 16, State 1, Line 1
The specified schema name "dbo" either does not exist or you do not have permission to use it.
Remedy: Grant ALTER on schema::dbo to sp_ddl_role
My problem is that I want to restrict user permissions via this role to just the CREATE TABLE and granting ALTER on a SCHEMA will open up a whole lot more permissions from a security standpoint.
Question: How do I restirct this role to just the CREATE TABLE within a SCHEMA?
View 1 Replies
View Related
Mar 28, 2007
Hi,
I have found that in the autogenerated model attributes are missing for those fields that have relations to other tables. At first, it may look reasonable since a user can still get down to the field's value through the relation/related table. However, if the relation's key fields is the only thing the user wants to display, then going down to the related table is an overkill.
I can add an attribute manually and bind it to the key field(s). Is there an option in the autogeneration process to do it automatically? The only post I've found so far suggests to do everything manually (http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1152575&SiteID=1). Is this the only way?
Thank you,
Leonid
View 3 Replies
View Related
May 26, 2015
An old website I inherited uses sa to connect to SQL SessionState and had the details in the web.config. This is bad for security.The session state database is of -sstype "t" which is defined as:Temporary. Session state data is stored in the SQL Server tempdb database. Stored procedures for managing session state are installed in the SQL Server ASPState database. Data is not persisted if you restart SQL. This is the default.What kind of WIndows user, SQL Login, role and permissions do I need to create to make Session State secure? (Windows Server 2012 and SQL Server 2012 mixed mode authentication, Webfarm).
View 4 Replies
View Related
Sep 5, 2006
I want a database user to be able to alter login, database user and database role from my application. so, i assigned that user to sccurityadmin server role, db_accessadmin and db_securityadmin database roles....By now, the user can add or remove login and database user. However, the user cannot add or remove any database role membership. What am I missing here?? What should I do so that the user can create, and alter database roles in the database??
View 1 Replies
View Related
Oct 2, 2007
I am using SQL express and Visual web developer on windows Vista.
When I try to create a new database the following message appears.
CREATE DATABASE permission denied in database master (error 262)
I log on to my computer as an administrator.
Help appreciated
Prontonet
View 4 Replies
View Related
Feb 18, 2008
Hi,
I have a database with 500+ tables and 1000+ views and equal no of stored procedures. I have a sql server login id which I have included in the following roles:
db_datareader
db_datawriter
now the issues is.. i want to revoke delete permission from certain tables. Any revoke or deny do not affect the behaviour i.e. even after successfully executing revoke/deny statements on these tables for DELETE statement.. user is able to DELETE.
pl advise the best way to revoke delete permission from a few (half dozen) tables out of the total.
regards,
D2
View 1 Replies
View Related
May 14, 2008
Can we assign serverrole to a database role.
For example i have a new role created as A
Now can i add A to any of the server role..
Please advice..
Thanks,
ServerTeam
View 2 Replies
View Related
Dec 12, 2007
Hi,
I am using SQL server 2000 and when I look in the database role membership I have SuperUser as a role.
Can I have the definition of SuperUser?
View 1 Replies
View Related
Dec 17, 2007
database role properties/ permissions
when i click permissions it takes forever to pop up the window.
Anyone know why and how do i make it faster.
http://www.sqlserverstudy.com
View 5 Replies
View Related
Oct 12, 2007
Hello.
I've moved a database from 2000 to 2005 and in 2005 I cannot see the permissions for this Database Role that I created. In 2000 you just right-clicked, selected properies and clicked on permissions. Am I going mad here or is this not an option in 2005. If not, how do I see the permissions that have been given to the role?
The 2005 database I refer to is on standard edition SP2
Thank You
View 7 Replies
View Related
May 14, 2008
NOTE: I am talking about roles in my sql server - NOT in asp.net. I need to create a stored procedure that retrieves the roles that the currently logged in sql user has for a different database. I have the code that gets the roles for the user, but it only works if the user is in the database. I want to be in one database, and get the roles for a different database. I have tried using USE DATABASE, but this is not allowed in a store procedure.
View 10 Replies
View Related
Nov 8, 2000
Hi,
I have a login 'testuser' on test server.
This login was 'db_datareader' for database called 'invent_test' on test server.
I deleted the whole database and restored the production backup as 'invent_test' database.
Now I am trying to modify login 'testuser' by adding it as 'db_datareader' for 'invent_test' again but it gives me an error that 'this user or role already exists for current database'.
I can not see 'db_datareader' or even 'invent_test' options selected in login properties for 'testuser'. Also I can not find 'testuser' in database roles
-->db_datareader member list.
Is this a bug with sql server 7.0? Or how should I give this user priviledges to read?
I dropped the login and recreated it. Server is also rebooted meanwhile so there is no possibility for cashe problem. Still same error is there.
Is there any thing that I am missing here?
I really appreciate your help. I am very frustrated now.
View 2 Replies
View Related
Oct 6, 1999
I know how to create an Application role in SQL server 7. Now how do I connect to the database from VB using that Application Role? I can't find anything about this topic anywhere. Is this the purpose of an Application role or am I way off?
Thanks for the help
Steven Abt
StevenA@grsgroup.com
View 2 Replies
View Related
Apr 4, 2006
This stuff makes no sense what so ever,
In the Books on Line of MSSQL2000
In "Adding a Member to a SQL Server Database Role"
There is this
"Note : When you add a Windows NT 4.0 or Windows 2000 login without a user account in the database to a SQL Server database role, SQL Server creates a user account in the database automatically, even if that Windows NT 4.0 or Windows 2000 login cannot otherwise access the database."
I mean how can anyone add a login to a database role without making the login a user of the database.:shocked:
Also if it worked, a new fancy feature to add new logins??:eek:
Plz help:S
View 9 Replies
View Related
Sep 21, 2006
Anyone have a tsql query that will give me a listing of database roles and their users already put together?
View 1 Replies
View Related
Jan 20, 2004
thanks for reading.
i would like to create a new database role that has exactly the same permissions as an existing database role. the combinations of permissions are complicated enough to make this a time consuming task worthy of a script of some sort. any suggestions?
i'm running SQL Server 2000 and can't find anything about copying roles unless it's through DTS from one DB to another. not sure if this is applicable to basically duplicating and renaming a role in one database.
in case you're wondering why anyone would want to do this you may not be surprised to know that it's a government thing. some policy about differentiating between 2 roles -- even though they currently have exactly the same permissions, the similarities might change in the future.
thanks in advance for your input.
View 1 Replies
View Related
Jul 23, 2005
Brief description of the problem:My production server has about 50 databases and various permissions aregranted to public role on all these databases. Because of this any newuser added to any database gets unnecessary access to objects by virtueof being a member of public by default. I would like to fix this flawin the way the server is setup as below:1. Setup a new database role called NewRole on all 50 databases andcopy permissions to NewRole from public.2. Add all existing users to the new Role.3. Remove all permissions from public.Any suggestions on scripting this task are welcome.
View 3 Replies
View Related
Mar 13, 2008
I want to allow administrators of the program to change the permissions of the database roles. Is there a way to retreive the the specific permissions granted an denyed to a user and a database role. For instance, a store procedure that you call, pass it the database role and you get whether SELECT is allowed on table1, or if UPDATE is denied on table2, etc.
View 3 Replies
View Related
Oct 2, 2007
Is there a way to script out a database role from SQL management studio?
I can only get a script for create and drop. I am looking for a script that shows all object permissions that the role has in a database.
Thanks.
View 3 Replies
View Related
May 23, 2007
Does anyone know if there is a way to use a SSIS task to add a role to SSAS cube? At the moment I use Management Studio, Right Click "Roles" under the cube and go through New Role wizard, but I'd like to be able to include this in a SSIS package instead.
Thanks
Richard
View 5 Replies
View Related
Oct 9, 2000
Hi!
I've restored a backup from server A in server B. In server A I used to have a db_owner, called sitebase. After restoring the backup in server B, I created the user sitebase again and tried to grant him db_owner through Server Manager but I got the error: user or role already exists in the current database.
How can I avoid this situation and grant db_owner to him?
Thanks,
Fábio
View 1 Replies
View Related
Mar 14, 2008
How do I get a particular user to be a choice under the db_owner role for a particular database?
The user is listed under logins and even shows to be the db_owner for the database under the database access tab of the login properties. This is SQL 2000.
Thanks,
David P.
View 1 Replies
View Related
Dec 26, 2006
in SQL server 2005, Database User's permission will be overriden by the database Role's permission or ottherwise? For example, a userA is owner of table AA so it has all permisions on table AA but the user is a member of GroupB but group B has no permission to access to Table AA. What happen on User A?. has it permission to access to table BB or not? How can I find document or example about this?
Please help me, thanks so much
View 3 Replies
View Related