Hi All,
I need to give access to one user only to truncate a particular table. I am not able to frame exact query for this. However i can user EM and do it.
But i wanted to know the query for this.
Is it possible for a batch command to give access or add a new role for the user to database? Basically:
USE my_Database CREATE USER [User1] FOR LOGIN [User1] WITH DEFAULT_SCHEMA= [dbo]; EXEC sp_addrolemember 'Application1', 'User1' EXEC sp_addrolemember 'SQL_Read_Only', 'User1'
If User1 was already created then ignore that and run the exec sp_addrolemember. Next,Â
I have created a user and given select permissions on a table, I want to go deeper and just give select on a few columns within the table but unable to do so. Can someone tell me how I can do this.
SQL Server Security is not my strong point so forgive me for asking stupid questions.
I have a bunch of tables and sprocs within a schema 'MySchema'. I have a user 'MyUser' defined in the database.
I would like to give MyUser permission to SELECT from tables and EXECUTE all sprocs in MySchema. What is the simplest way of doing that? Will the following:
GRANT EXECUTE ON SCHEMA::[MySchema] TO [MyUser] WITH GRANT OPTION AS [db_owner] GRANT SELECT ON SCHEMA::[MySchema] TO [MyUser] WITH GRANT OPTION
accomplish that? (I can't test it out at the moment because our DBA isn't around and I don't have permission)
With best practices in mind - is what I am doing here considered "ok". Any suggestions/comments are welcome.
-Jamie
P.S. Can anyone recommend any documentation that talks about what best practices should be in the use of schemas. BOL is a bit sparse. Thanks.
I am getting some problem in using group in sql server login.
i have two NT groups in windows.i) developer and tester
I added a user Lalit in both gruop. I want to give db_owner permission on a particular database(Employee) to developer group and data_denyreader and deny_writer on same database(Employee) to tester group.
Now when i logging in to sql server using Lalit(windows authentication) iam not able to access the database(Employee).
Now my concern is that Lalit should have full access to the employee database when entered as developer user and limited access to employee database when entered as tester user.
Good morning, I'm trying to create a view on SQL Server based on a query that i use on Access. The query returns detailed data from a table based on ID's selected and saved into another table.
the thing is, on access it returns back 5 records<which is a correct output> , while on SQL. its returning only one record. what could be the issue here ?
Sorry for the simple question, but I'm not having any luck getting this to work: I need to give someone read-only access to everything in a database.
If someone could help me by giving me (or linking me to) a step-by-step, idiot-proof recipe for giving Bob in my office read-only access to the whole database, I'd be very grateful. And remember: I'm good at db programming, but completely ignorant on the subject of db admin.
I am in a project where we are using a vanillla Reporting Services 2005 with the builtin report portal. No sharepoint integration yet.
We have successful deployments where we limit access to different folders based on AD-accounts and groups. In this particular case I have a folder for which I would like to allow access to all AD-users within the entire company.
So basically I know how to limit access but I don't know how to enable access for everyone. Is there a simple way to do it? I have googled and search mshelp but I couldn't find anything. I will admit to the search being quite quick but as usual time is short.
I have a quick question regarding getting data from a SQL database but I am slightly confused as to the best way to handle it.
Basically on of the projects I am working on I need to send data to another company, there are several calls required to the database to bring back various options for changing the questions asked on the front end.
Up to now all that has happened is there has been a mutual agreement between myself and this other company and they have just had access to the database to call a series of stored procs which I have written for them to access the data. Recently however the situation has changed and my client wants me stop them accessing the database however they still need to recieve the information from the database they recieve now.
What will be the best way to handle this? My knowledge of SQL is farily limited presently and I am only ust getting into learning a lot more about it.
I would like to know if there is a way to find out who changed a users roles/access WITHOUT using the audit function. For example, if a user account was created and given SA access then changed to read only, how can I find out who made that change? I tried searching for an answer, but kept getting no results. I'm thinking this may tie into the sys.sysusers view?
I would like the Backup SQL user A can backup and restore DATABASE_a, what access right I need to grant to him. Although he can backup the database_a to the c:Program Files.....Database_a.BAK but he cannot restore it with some message said ''not enough security privieges..
Please quote some example right assigment so that I can replicate to our environment
I've been developing desktop client-server and web apps and have used Access and SQL Server Standard most of the time. I'm looking into using SQL CE, and had a few questions that I can't seem to get a clear picture on:
- The documentation for CE says that it supports 256 simultaneous connections and offers the Isolation levels, Transactions, Locking, etc with a 4GB DB. But most people say that CE is strictly a single-user DB and should not be used as a DB Server. Could CE be extended for use as a multi-user DB Server by creating a custom server such as a .NET Remoting Server hosted through a Windows Service (or any other custom host) on a machine whereby the CE DB would run in-process with this server on the machine which would then be accessed by multiple users from multiple machines?? Clients PCs -> Server PC hosting Remoting Service -> ADO.NET -> SQL CE
- and further more can we use Enterprise Services (Serviced Components) to connect to SQL CE and further extend this model to offer a pure high-quality DB Server? Clients PCs -> Server PC hosting Remoting Service -> Enterprise Services -> ADO.NET -> SQL CE
Seems quite doable to me, but I may be wrong..please let me know either ways
Is there any way to get more information for when IAuthorizationExtension::CheckAccess fails to grant access to a report item for the current user? Specifically, it would be useful to know:
1. URL of attempted report 2. IP address of user agent 3. Identity of current user 4. Date/Time of the failed attempt
Is it possible to allow only a particular user to e.g. User1 to access the database the user created? Not even the Built-in administrator or the sa can access? I am using Mixed mode authenication..
Does any one have any idea of how to track a user access to a spesfic DB because we have an old DB and we don't know if any body using it, I know Profiler can help but I need to know when it was the last time this DB has been accessed.
My problem is that I can't query a couple of tables. I created them using DTS myself, in a db called contracts, and called one of them 010425. I've logged in as SA, and making sure the correct DB is shown in Query Analyser.
Here's the query...and very simple it is;
SELECT TOP 10 * FROM [dbo].[010425]
I just keep getting the following error message;
Server: Msg 208, Level 16, State 1, Line 1 Invalid object name 'dbo.010425'.
But it shows up in Sysobjects and EM!
I can query the system tables, using EXACTLY the same syntax...no problem there.
I've got SQL Server 7 running on W98. Everything is happening locally.
When I try to give a login access to a database I get the message: Error 21002: [SQL-DMO] users already exist in the database. I checked sysusers for the database and the users name is in there, even if the user has no login. Is it okay to just delete the record that has the users name from sysusers? Thanks
I need to be able to track which users and the number of times a user connects to a particular SQL Server database. I have a simple SQL Server database that users query (SELECT only) using an Access 2000 front-end. I do not have any control over the front-end so my only tools on the database side. I can't use 3rd party software, just SQL Server. Is there any way? Thanks.
I know this seems like a strange ask, but we have a common user and pass in most of our web applications and this user requires DBO access to the database, no problem is occasioannly we need to let a developer look at an issue on a production server, so we port them through to sql through the firewall so they can see it it, and they normally login wih there domain/username and this way they are restricted to what they can see and do. However all developers know the SQL user and pass used in the web app, they also know its a DBO, so this means they can login with these user details and have access to everything.
My question is how can i lock this down so i can deny access from the SQL management console for this particular user, but still allow the user to act as a DBO for the web applications.
Downloaded and install SQL 2005 on 2003 member server. Downloaded and ran SQLServerSamples.msi, AdventureWorksBI.msi, AdventureWorksDB.msi, and AdventureWorksLT.msi.
When I go into Sql Server Management Studio I cannot find the Adventure Works database under databases. How do I access it?
We have an ASP.net application that currently sits on a server that runs IIS and sql server. We are spliting IIS and SQL server into 2 seperate machines. I believe I have the connection string okay as I can see the entries in the security log on the sql server machine however it keeps saying aspnet user invalid user or invalid password. What gives with this. We put .net on the sql server however this just added the aspnet user to the machine. Do I need to create an aspnet user inside the sql server and give it control of the dbases as well? I am running this using the personal web server not IIS on a server. I have a project on my desktop and am using the "local" IIS or personal web server that comes with visual studio out of the box. What kills me is that when I put the project on a real IIS server that has sql server on the same machine I have no issues. However when I split the dbase and the IIS apart onto 2 servers I get this aspnet invalid user or invalid password. HELP
Is there anyway, that I can generate a list of all the objects that a given user has access to (including type of access whether select or update etc), by running a SQL command? One of our databases has nearly 40,000 tables (no kidding!) I can always find this out by manually looking into the roles etc on the enterprise manager, but I need a way to find out using a T-SQL query..Thanks for any help!
I wonder if anyone can help. I'm trying to create a new user/login to a sql server 2000 box which will automatically have access to all the user databases on the instance. The user can't be a SA or anything however. It seems this can be done as the application which uses all these database has created such a user, however I need another which I will then make read-only.
Scenario: 1. Access to database objects is based on database roles. 2. Application administrators handle the assignment of users to database roles. Application administrators are first line managers, typically; they are not DBA's and not Help Desk staff.
Question: What products are available to simplify the management of user access to databases in the aforementioned scenario?
I need an example of how to grant access to a SQL user to a DB. For the life of me I can't seem to get my syntax correct. My database name is TEST and my username is LEMME_IN and I want to grant the user "Public" access to the db with db_datareader, db_datawriter database role membership.
I'm currently looking at a multi-user app that has an Access 97 frontend and an SQL2K backend. Proposed changes to the system mean that the user concurrency count is likely to increase dramatically, and I'm wanting to know if there are any limits to the concurrency for this architecture.