You can't assign a default schema for a user that maps to a Windows group. OK fine. But if you create a user for that group anyway with no default schema, any objects created by members of that group will automatically cause a schema to be created for them, EVEN WHEN THAT USER HAS BEEN EXPLICITLY DENIED THE CREATE SCHEMA PERMISSION IN THE DATABASE. This is the same as it was in 2K5, but has still not been fixed in 2k8.
To reproduce, do the following steps:
Create a windows group, either in the doman or local to the box.
Add at least one Windows user to that group.
Create a SQL login for that Windows group.
Map that login to a new user in some database.
Explicitly 'deny create schema to ' that group/user.
Grant 'create procedure' to that group/user.
Log onto SQL with a Windows login that is a member of that Windows group
Use the database that we set the permissions in above.
Create a dummy stored procedure without qualifying the name with a schema ie: 'create prodedure test1 as select 'hello world').
Look to see what you ended up with. You will have a new schema named the same as the user who created the sproc. This will now be their default schema implicitly, and the test1 stored procedure will be in that schema, EVEN WHEN THAT USER WA EXPLICITLY DENIED THE CREATE SCHEMA PERMISSION IN THE DATABASE.
I would like to know if there is any way to restrict users from creating temp tables.
Problem: I am facing problems with lots of temporary objects getting created in my database. The users have read-only access to the database for adhoc-querying purpose through QA. Yet they are able to create temporary tables in tempdb database taking lot of resources on tempdb disk causing abnormally high growth of tempdb.
I€™m trying to create an index on a view. I get the error that €˜the view is not schema bound.€™
Soooo, I try to put it in a schema.
This is the syntax I am using -
CREATE SCHEMA AUTHORIZATION painter CREATE VIEW large_paints AS SELECT paint_id,color FROM paint WHERE paint_size=100 CREATE INDEX idx on large_paints (paint_id);
I get the error - Incorrect syntax near the keyword 'INDEX'.
Hi .Net Guru’s,I have an urgent requirement for my project; the issue is mentioned below;Using .Net(C#/VB.Net) I need to generate/created Database objects from XML schemas.I don't have any sample xml schema file to give you. You just imagine you have a sample .xsd file and this .xsd file will be used to create database tables.Please let me know if you have any queries. Thanks,nick
I was wondering does anyone know a way to get the structure, with relationships, of a Sql Database and generate a XML Schema. I want to use the Schema to build a CrystalReport.
I've searched through this and other SQLCE newsgroups, and it would appear that whenever this question is asked, it is deflected or left unanswered. I'll try again:
Is there any way to create SQLCE database tables from an XML schema (preferably in .NET with C#)? Of course this can be done with the .NET DataSet, but there doesn't appear to be any way to get the DataSet to create the tables in the SQLCE database (although the reverse can be done). I won't go into long explanations of the application, but it does not ever have any connection to an SQL server, and we don't want to create the SQLCE tables in code. We *only* want to create them using an XML schema. Is the only option writing our own code to do this?
User bob has create procedure permission as follows:
grant create procedure to bob
bob would like to create a procedure in schema Accounts.
When he issues create proc Accounts.sp_proc.... it fails with:
Msg 2760, Level 16, State 1, Procedure sp_proc, Line 3 The specified schema name "Accounts" either does not exist or you do not have permission to use it.
What permission do I need to grant bob in order to allow this?
If I want to make a trigger: - For Insert - With name: NewEmployeeInserted - On table dbo.Employees
I add the following attribute above the desired .net method logic: [SqlTrigger(Event = "For Insert", Name = "NewEmployeeInserted", Target = "Employees")]
How to make a trigger on for example: Production.Employees table? where Production is the schema where this table resides.
I have some questions about creating SQL Server CE databases. Based on my experiments and what I've read on these forums, it looks like there are a couple ways to create a database schema. I can edit the database schema via the Server Explorer in Visual Studio, or use an external program like SQL Server Management Studio and somehow convert those files to .sdf files.
I find Visual Studio's built in tools to be cumbersome to use and limited in functionality, and using SSMS seems like a roundabout way of approaching the problem. I understand Microsoft will be releasing better tools with Orcas, but in the meantime, I'm wondering if there are alternative ways to generate database schemas.
For instance, I find Visual Studio's DataSet designer fairly easy to use. The DataSet designer generates schema definitions (.xsd files), and an instantiated DataSet can both read and write schema definitions via Read/WriteXMLSchema. Furthermore, DataAdapter's Fill and FillSchema methods can be used to push a schema from a database to a DataSet. So, can I somehow go the other direction and push a schema from a DataSet to a database? It seems like all the tools are there...
For example, if I create the DataSet schema, could I use a small app to create a new .sdf file, instantiate a DataSet, write the schema from the DataSet to the database, and then save the .sdf file? Or given the generated .xsd file, is there any way to create a SQL database from that?
This works in SQL Server 2005:CREATE XML SCHEMA COLLECTION Version2_1 AS'<xs:schema xmlns="http://www.icpsr.umich.edu/DDI" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:doc="http://www.icpsr.umich.edu/doc" targetNamespace="http://www.icpsr.umich.edu/DDI" elementFormDefault="qualified" attributeFormDefault="unqualified"> <xs:annotation> <xs:documentation> This is a w3c Schema "Technical Implementation" of the DDI Conceptual Specification. This schema is intended for use in producing electronic versions of codebooks for quantitative social science data. CVS Revision information: $Header: /cvsroot/ddi-alliance/ddi/w3c/Version2-1.xsd,v 1.10 2007/07/31 19:03:54 mdiggory Exp $ </xs:documentation> </xs:annotation></xs:schema>' This version, however, gives errors: DECLARE @sql VARCHAR(max)SET @sql ='CREATE XML SCHEMA COLLECTION Version2_1 AS <xs:schema xmlns="http://www.icpsr.umich.edu/DDI" xmlns:xs="http://www.w3.org/2001/XMLSchema"xmlns:doc="http://www.icpsr.umich.edu/doc" targetNamespace="http://www.icpsr.umich.edu/DDI"elementFormDefault="qualified" attributeFormDefault="unqualified"><xs:annotation> <xs:documentation> This is a w3c Schema "Technical Implementation" of the DDI Conceptual Specification. This schema is intended for use in producing electronic versions of codebooks for quantitative social science data. CVS Revision information: $Header: /cvsroot/ddi-alliance/ddi/w3c/Version2-1.xsd,v 1.10 2007/07/31 19:03:54 mdiggory Exp $ </xs:documentation></xs:annotation></xs:schema>'EXEC (@sql)Ultimately, I am trying to create a stored procedure that will take as parameters the name of the new schema and the .xsd file it comes from, so that I can use it in code. I am a novice, so all explanations would be greatly appreciated.Thanks,Ed Graham
Any command which will make create script for my entire database including all sp's , tables, functions..i dont want to backup the db ..i want to create scripts for creating an entire database schema (only the structure and not data)
Can anyone help me with this? The objective is to allow an application user (with db_datareader & db_datawriter database roles assigned) to be able to create tables in the assigned schema (dbo) via a new role.
-- Create User
use master
go
create login DBA with password='xx', CHECK_EXPIRATION=ON, CHECK_POLICY=ON
use AdventureWorks
go
create user dba from login DBA alter user dba with DEFAULT_SCHEMA=dbo
go
-- Create Role
use AdventureWorks
go
create role sp_ddl_role AUTHORIZATION dbo
grant CREATE TABLE to sp_ddl_role
-- assign user to Role
use AdventureWorks
go
exec sp_addrolemember sp_ddl_role, dba
go
-- Create Table statement then run with following error Error:
Msg 2760, Level 16, State 1, Line 1
The specified schema name "dbo" either does not exist or you do not have permission to use it.
Remedy: Grant ALTER on schema::dbo to sp_ddl_role
My problem is that I want to restrict user permissions via this role to just the CREATE TABLE and granting ALTER on a SCHEMA will open up a whole lot more permissions from a security standpoint.
Question: How do I restirct this role to just the CREATE TABLE within a SCHEMA?
I have a sql server 2012 server and I need to prevent the users from creating new schemas by mistake. Is there any way to revoke that permission alone but still letting the user to create their own objects in dbo (yes I know that shouldn't be in dbo but that is another issue).
I have the same database(3GB) in 2 physical locations in usa and europe
I need to create a publisher and subscriber between these 2 database without sending any snapshot because i have the same data in the 2 sides, is it possible ?
how do I move my database schema from 1 machine to another? Its a MSDE 2000 DB and Im using visual studio 2003.
In VS when I goto the server explorer and right click on a DB the "generate create script" options is greyed out.
What am I doing wrong?
If you cant help me with the above question could you please recommend another way for me to get my DB schema with all its constraints from one of my work stations to another. I dont want to manually recreate it.
Having some trouble getting my head around setting access to specificschemas- here's my problem:I've created a specific schema that I only want certain users tocontrolProblem: Even though I give them full access....the cannot createtables under that schema...my code is below (flyer is the schema,eflyerAdmin is the role, and eflyer is the user):GRANTALTER,CONTROL,DELETE,EXECUTE,INSERT,REFERENCES,SELECT,TAKE OWNERSHIP,UPDATE,VIEW DEFINITIONON SCHEMA::flyerTO eflyerAdminGO-- Add an existing user to the roleEXEC sp_addrolemember N'eflyerAdmin', N'eflyer'
When the CLR function executes "CREATE ASSEMBLY" the following error is thrown.
"Could not impersonate the client during assembly file operation."
The CLR function is invoked from Service Broker internal activation stored procedure.
"SELECT user_name()" returns dbo just before CREATE ASSEMBLY execution.
SqlContext.WindowsIdentity.Name is "NT AUTHORITYSYSTEM" as the Data Engine runs with the LocalSystem account.
How do I create a the necessary security context for "CREATE ASSEMBLY" to succeed ?
Service Broker Queue activation with EXECUTE AS = "SELF", "OWNER", domain account or dbo, all result in the above error. The Service Broker assembly having the internal activation stored procedure is registered "unsafe".
I am wanting to create a custom workday calendar to show Monday - Friday as a workday, then go back and update a few holidays as non-workdays. Â This is the syntax I have to start with, but it is presenting with an error:
Msg 241, Level 16, State 1, Line 21 Conversion failed when converting date and/or time from character string.
What should I alter?
CREATE TABLE dbo.CreateCustomCalendar ( wk_Date INT IDENTITY NOT NULL, FullDate DATETIME NOT NULL, WeekDayName VARCHAR(9) NOT NULL, IsWorkday varchar(20) NOT NULL )
Please direct me to the right forum if this is not the right one.
Upon installation of SQL Server 2005, I opened the SQL Server Management Studio, connected using Windows Authentication and went to the security node in the tree. I created a log in called "TestLogin". I restarted my server just to make sure everything took and when I tried to log in using TestLogin via SQL Server Authentication, I get the below error. I have mixed mode enabled as well as named pipes. I am not sure what the issue is or what to try next. I even get the same error when trying to use "sa".
Thanks,
- Joel
TITLE: Connect to Server ------------------------------
A connection was successfully established with the server, but then an error occurred during the login process. (provider: Shared Memory Provider, error: 0 - No process is on the other end of the pipe.) (Microsoft SQL Server, Error: 233)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&EvtSrc=MSSQLServer&EvtID=233&LinkId=20476
I have created a database fronted by an ASP.Net application. It's all nice and simple, and I only need a very simple level of security (and even that is only as a protection against accidents rather than maliciousness). My intention is that users connect using Windows impersonation (<identity="true">), with the database creator having full access and the public group (I'm talking SQL groups here) having specific premissions granted on specific tables.
If I set <identity="false"> on my XP box the application connects to the database as [MACHINEASPNET]. This is easy to set up access for - I simply do a
CREATE LOGIN [MACHINEASPNET] FROM WINDOWS
and then within the actual database do a
CREATE USER [MACHINEASPNET]
But as I said, I want to use Windows impersonation. When I set <identity="true">, the application correctly attempts to connect as the actual Windows user account (e.g. [MACHINE estuser]). If that user is the user who installed the database, then all is well and it has full access. For anything else, I get a "cannot log on" error - this much I expect.
So I want to permit logins for all other users, and I want this to work regardless of whether the machine is a standalone machine whose "domain" is simply the machine's own name, whether it is in some form of traditional peer-to-peer workgroup, or whether the machine is connected to a real domain. I also want it to work on XP and Windows Server 2003 (and ideally Vista also, but that can wait). When I try the following:
CREATE LOGIN [MACHINEUsers] FROM WINDOWS
I get this error:
Msg 15401, Level 16, State 1, Server MACHINESQLEXPRESS, Line 1 Windows NT user or group 'MACHINEUsers' not found. Check the name again.
Nor does it work with [Everyone] (that one has no domain/folder listed against it in any permissions dialogs on my domainless development PC). So I'm stuck and confused. It's taken me ages just to get this far. Any suggestions anyone?
Been doing some research after getting this error: Microsoft OLE DB Provider for SQL Server error '80040e14'
Cannot create a row of size 8297 which is greater than the allowable maximum of 8060.
And realised that my nice responsive varchars had a maximum total size. so I changed them for 'slower' text data types. but my DB still won't allow any more input.
has the limit been reached now regardless of what I change or can I rebuild the DB to recover the space or something?
I’ve got a situation where the columns in a table we’re grabbing from a source database keep changing as we need more information from that database. As new columns are added to the source table, I would like to dynamically look for those new columns and add them to our local database’s schema if new ones exist. We’re dropping and creating our target db table each time right now based on a pre-defined known schema, but what we really want is to drop and recreate it based on a dynamic schema, and then import all of the records from the source table to ours.It looks like a starting point might be EXEC sp_columns_rowset 'tablename' and then creating some kind of dynamic SQL statement based on that. However, I'm hoping someone might have a resource that already handles this that they might be able to steer me towards.Sincerely, Bryan Ax
In SQL Server 2005 SP2 I want to grant the ability to create views to a user but in order to do this it requires that the users has the ability to grant alter on a schema.
Is there any way to grant this privilage without granting alter on schema also?
I'd like to create a temporary table with the same schema as an exiting table. How can I do this without hard coding the column definitions into the temporary table definition?
I'd like to do something like:
CREATE TABLE #tempTable LIKE anotherTable
..instead of...
CREATE TABLE #tempTable (id INT PRIMARY KEY, created DATETIME NULL etc...
Locally I develop in SQL server 2005 enterprise. Recently I recreated my db on the server of my hosting company (in sql server 2005 express).I basically recreated the tables and copied the data in it.I now receive the following error when I hit the DB:The 'System.Web.Security.SqlMembershipProvider' requires a database schema compatible with schema version '1'. However, the current database schema is not compatible with this version. You may need to either install a compatible schema with aspnet_regsql.exe (available in the framework installation directory), or upgrade the provider to a newer version.I heard something about running aspnet_regsql.exe, but I dont have that access to the DB. Also I dont know if this command does anything more than creating the membership tables and filling it with some default data...Any other solutions/thought on what this can be?Thanks!
