SQL 2012 :: Grant Statements To Create Userdefined Role

May 11, 2015

Need to create a user defined role with grant permissions for below .

View Definition
Execute all Function
Grant View
Grant Synonym
dbo
View Definition
Not getting grant statements for above permissions.

I mean like below.

-----------------------------------------------------------------
CREATE ROLE [Role1]
GRANT EXECUTE ON SCHEMA ::dbo TO [Role1]
-----------------------------------------------------------------

View 1 Replies


ADVERTISEMENT

How To Grant Create View Access Without Grant Alter On Schema::

Aug 16, 2007

In SQL Server 2005 SP2 I want to grant the ability to create views to a user but in order to do this it requires that the users has the ability to grant alter on a schema.

Is there any way to grant this privilage without granting alter on schema also?

View 1 Replies View Related

Role Of Login Specified In GRANT UNSAFE...

Feb 27, 2007

For registering UNSAFE assemblies, we have to sign the dll and register it in SQL 2005. Also, the permission needs to be granted to a login..

Example code;

CREATE ASYMMETRIC KEY MyKey FROM EXECUTABLE FILE = 'C:AssembliesInterop.SQLDMO.dll'

CREATE LOGIN MyLogin

FROM ASYMMETRIC KEY MyKey

GRANT UNSAFE ASSEMBLY To MyLogin

What is the purpose of creating this MyLogin and how it serves to access the unsafe assembly.

Can anyone throw more light on this.



Thanks

Baskar

View 1 Replies View Related

SQL 2012 :: Automatically Create Insert Statements For Table Data

Jun 10, 2014

How to create insert statements of the data from a table for top 'n' rows. I know we can create using generate scripts wizard, but we can't customize the number of rows. In my scenario i got a database with 10 tables where every table got millions of records, but the requirement is to sample out only top 10000 records from each table.

I am planning to generate table CREATE statements from GENERATE Scripts wizard and add this INSERT STATEMENT at the bottom.

EX : INSERT [dbo].[table] ([SERIALID], [BATCHID] VALUES (126751, '9100278GC4PM1', )

View 4 Replies View Related

Grant Execute To Role But Permissions Dont Show Up

Apr 5, 2008

I have a stored procedure in which at the bottom of the code, im granting execute permissions to a role I have defined. However, when I view the permissions on the procedure, the role isnt there, what could I be missing ? The procedures were all created under the default or dbo schema. I could manually give the permissions to the role, but id rather have it scripted.

help ?

View 5 Replies View Related

Grant CREATE VIEW, CREATE PROCEDURE ...

Apr 12, 2006

Hi,

I have currently a problem with setting up the permissions for some developers. My configuration looks like this.

DB A is the productive database.

DB B is a kind of "development" database.

Now we have a couple of users call them BOB, DAVID, ...

who are members of the db role db_reader and db_writer for the productive db a but they should be allowed to do nearly everything on db b.

Therefor I added them to the db role db_owner for db b.

For testing purposes I tried to "CREATE" a view TEST as BOB in database B but I received the error message

'Msg 262, Level 14, State 1, Procedure Test, Line 3

CREATE VIEW permission denied in database 'b'.'

I cross checked the permissions on db level and I even granted all available permissions on db level but nevertheless I receive this error message.

What's my mistake?

Of course it worked fine when I give them sysadmin rights but then they have far too much permissions.

Regards,

Stefan

View 8 Replies View Related

Create Variable To Store Fetched Name To Use Within BEGIN / END Statements To Create A Login

Mar 3, 2014

I created a cursor that moves through a table to retrieve a user's name.When I open this cursor, I create a variable to store the fetched name to use within the BEGIN/END statements to create a login, user, and role.

I'm getting an 'incorrect syntax' error at the variable. For example ..

CREATE LOGIN @NAME WITH PASSWORD 'password'

I've done a bit of research online and found that you cannot use variables to create logins and the like. One person suggested a stored procedure or dynamic SQL, whereas another pointed out that you shouldn't use a stored procedure and dynamic SQL is best.

View 3 Replies View Related

Grant "create Stored Procedure"

Feb 24, 2000

Hi!
How do I grant rights to an user for creating stored procedures (using T-SQL)?
Thanks,
Fabio

View 1 Replies View Related

Grant Create - And Execute - Procedures

May 6, 2008

I am creating a login with a user in one database. The id has to
create procedures in the dbo schema, execute them, and grant execute on them to other users.
BOL says to
GRANT ALTER ON SCHEMA::DBO TO username ;
GRANT CREATE PROCEDURE TO username ;
I did that. User can now create procedures, but cannot execute what he creates. And cannot grant execute on the sp to anybody.

I don't want to give this id a lot of priviledges.

View 16 Replies View Related

Grant Create Procedure Using SSMS

Jun 5, 2008

Is it possible to use sql server managment studio to grant the create procedure to a user on their own schema?

View 2 Replies View Related

How To Grant Permission To Create A New Object

Jan 23, 2008

I am new to sql server. right now i getting used to management studio.I am trying to creata a new object / a new database but i am getting an error which says permission not granted

can any help me to move ahead

thanks

View 1 Replies View Related

How To Grant User Permission To Create Other Users?

Jun 26, 2007

There's something I can't quite figure out about user creating



The application that I'm currently working on is interacting with DB, therefore every time you use application you need to login as user which is fine. The problem is that certain users should be able to create new users and the new user may even have the same level of permissions as the one that's creating it ( like admin creating another admin acount or some like that).



Question is how can I allow users to create these user with giving them as few permissions as possible.



If there's is somewhere a code sample on the net I would appreciate the link.







View 1 Replies View Related

How To Grant Create Procedure Permission To Database User?

Apr 7, 2008

Can somebody tell me without pointing to any other link how to grant Create Procedure permission to DB user.

View 3 Replies View Related

SQL 2012 :: Grant View Definition

Nov 19, 2014

I'd like to find out whether or not people grant VIEW DEFINITION to their developers in UAT and PROD environments. My view is that a developer shouldn't be able to touch a PROD environment at all (we also include UAT as PROD), and any issue in a production environment should be investigated by a DBA and escalated to the dev if necessary.

View 1 Replies View Related

SQL 2012 :: Grant Access To Configuration Manager?

Sep 23, 2014

Is it possible to grant access to SQL Server Configuration manager? I mean just the SQL Configuration manager alone?

View 2 Replies View Related

Reporting Services Migration - Create Grant Rights Script: Failed

Dec 14, 2007

Hi,

We moved a development reporting services database to a new server last night and followed the MS 'Moving a Report Server Database to another computer' directions. We used the Reporting Services Config tool to make the changes, remoted into the 2003 windows server - which is running sql Enterprise reporting and connecting to a 2005 Enterprise cluster.

We had two small problems - although everything seems to be working fine. The First try seemed to be unsuccessful because we did have the service started after applying the database connection changes. The directions don't mention starting the service before you hit apply. The second time we got an error that said "Create Grant Rights Script - The Task Failed". We entered a sql login that was a sysAdmin during the setup.

The exception details started off with:
System.UnauthorizedAccessException: Access is denied

If the rest of this error is needed I can type it out...I was sent a screen shot of it!
Thanks for any help - we are moving production soon and I'd like to understand what went wrong.
Thanks
Sam

View 3 Replies View Related

Question About Create Database,login,user,schema And Grant Permissions.

Apr 25, 2007

Hi,



I created a database,login,user and schema like belows.









-- 2. create database
CREATE DATABASE MyTempDatabase;



-- 3. create login
CREATE LOGIN MyTempLogin WITH PASSWORD = '#mytemplogin$',
DEFAULT_DATABASE = MyTempDatabase,
CHECK_EXPIRATION = OFF,
CHECK_POLICY = OFF;

--
USE MyTempDatabase;



-- 4. create user
CREATE USER MyTempLogin FROM LOGIN MyTempLogin WITH DEFAULT_SCHEMA = MyTempSchema;



-- 5. create schema
CREATE SCHEMA MyTempSchema AUTHORIZATION MyTempLogin;









The created user,MyTempLogin, must have permissions that can create tables,drop tables,select,insert,delete,update and bulk insert.



How can I grant permissions to the user?(or schema?)

I failed to grant by T-SQL query.



Additionally, what is purppose of the ROLE? Should I create or use it?



I'm confusing in security concept(login,user,schema,role).



Thanks.

View 3 Replies View Related

SQL 2012 :: Grant DROP Table Permission Within Database

Mar 26, 2015

How to grant DROP table permission within a database to an SQL login. I could see in Databae properties-> permission tab, there is an option to grant CREATE TABLE, EXECUTE permission etc, but not DROP table permission. How to grant it?

View 3 Replies View Related

SQL 2012 :: Grant Access To Sensitive Data To Users

May 12, 2015

I have a large table with email column. I need to grant select access to this email column to many users but the actual email should not be visible to those users. I thought of following options:

1.Create an indexed view with that column encrypted and then grant access to users.While searching by email, their search text will also be encrypted and then matched with view column.Problem with this is that I have to create indexed view because most searches will be on Email column and table size is pretty big,20 m records. I don't prefer indexed view in general.

2. Add another column to table with encrypted email and grant access to that column to users. Problem with this is that it will increase table size and i'll need one more index.

View 9 Replies View Related

Create Database Role Via T-SQL

Feb 23, 2008

I have created the functionality to dynamically create databases and am now trying to figure out how to create database roles using T-SQL.

I keep finding information about the sp_addrole stored procedure which is the first step, but how do you go about defining what permissions this role has via T-SQL?

Thanks

View 3 Replies View Related

Create DB Role Owned By Public

Jul 20, 2007

I use the following script in order to create db role:

USE [MyDB]GOCREATE ROLE [myRole] AUTHORIZATION [public]GO

It doesn't work:
Msg 15405, Level 16, State 1, Line 1
Cannot use the special principal 'public'.

However this code works fine:

USE [MyDB]GOCREATE ROLE [myRole] AUTHORIZATION [dbo]GOALTER AUTHORIZATION ON ROLE::[myRole] TO [public]GO

So the question is why?

View 6 Replies View Related

Create Database With Application Role...

Mar 22, 2007

Hi,

I want my application to create database and I do the following things:

1)Create application role
2)Grant create database to application role
3)Activate application role
4)Create database

and I get the answer:

CREATE DATABASE permission denied in database 'master'.

View 1 Replies View Related

GRANT SELECT ON [dbo].[TblAreaCatmap] TO [admin] Prevent Grant From Being Automaticly Add To Each Column

Oct 15, 2007



GRANT SELECT ON [dbo].[TblAreaCatmap] TO [admin] prevent grant from being automaticly add to each column?

Is there a way when you issue a grant select to a table or a view to not also grant select for each column.

The problem is when you use the grant command it automaticly adds the grant command to each column. I want to grant the permission at the table level so when the table is scripted it only has a single grant command instead of a grant for the table and a grant for each column which is not needed.

The sql managemnt studion interface will allow you to do this but onlt by using the interface. If you issue the above command from a query window it also creates A GRANT FOR EVERY COLUMN. How can I stop this behavior.

View 9 Replies View Related

Grant Execute On Sproc Doesn't Grant Privilege To Update?

Oct 31, 2014

I am writing a stored procedure which updates a table, but when I run the stored procedure using a login that I have granted execute privileges on, then I get a message that I cannot run an update on the table. This would happen in dynamic sql... while my SQL has parameter references, I don't think it is considered dynamic SQL?

sproc:
CREATE PROCEDURE [schemaname].[SetUserCulture]
@UserID int
, @Culture nvarchar(10)
AS
UPDATE dbo.SecUser
SET Culture = @Culture
WHERE UserID = @UserID

execute SQL:
EXEC schemaname.SetUserCulture @UserID = 9, @Culture = N'x'

error:
The UPDATE permission was denied on the object 'SecUser', database 'DatabaseName', schema 'schemaname'.

View 8 Replies View Related

Finding Logins That Have GRANT CONTROL And GRANT VIEW DEFINITION

Jul 21, 2015

Have a certificate and symmetric key that i have used the following to GRANT to logins. How can I find out which SQL logins have the GRANT CONTROL and GRANT VIEW DEFINTION?

GRANT VIEW DEFINITION ON SYMMETRIC KEY:: Symetric1 TO Brenda
GRANT CONTROL ON CERTIFICATE:: Certificate1 to Brenda

View 5 Replies View Related

Create User - Permit In Database Role

Jan 7, 2004

Hi,
I hv an application which is using ASP.net. The connectionstring in web.config is
<appSettings>
<add key = "constring" value = "Initial Catalog=mydatabase;Data Source=mypc-pc;User ID=User1; Password=password1"/>
</appSettings>"

Then, i hv created a user in SQL Server 2000 which is User1. What should i put for the database role? db_owner or just db_datareader and db_datawriter?

pls help.

Thnx

View 4 Replies View Related

SP Error When Trying To Create User And Assign A Role

Aug 23, 2002

I get the following errors associated with trying to create an SP.

Server: Msg 170, Level 15, State 1, Procedure AddFortuneUser, Line 8
Line 8: Incorrect syntax near '@newuser'.
Server: Msg 137, Level 15, State 2, Line 1
Must declare the variable '@newuser'.

Can anyone explain why I have to do a declare.
I suspect I have to issue "declare @newuser sysname" somewhere but I'm not sure why.

The following is the code I'm trying to run.
My intent would be to create a form for the Admin Clerk that would call this SP. That way they can create a generic login. They have an application that allows them to change the password after the fact.
/*
Created for Admin person to allow them to add a basic SQL Login Account
forcing the user to be a member of a specific role 'helmsman'
in a specific database 'Fortune'
*/
CREATE PROCEDURE AddFortuneUser
@newuser char(128)
AS
EXEC master..sp_addlogin @loginame=@newuser, @passwd =substring(@newuser,1,8), @defdb =Fortune
GO
if not exists (select * from dbo.sysusers where name = @newuser and uid < 16382)
EXEC sp_grantdbaccess @loginame=@newuser, @name_in_db=@newuser
GO
exec master..sp_addrolemember @rolename ='helmsman', @membername =@newuser
GO

View 1 Replies View Related

Do We Always Have To Create Name Calculation For Role-playing Dimension?

Jul 10, 2007

Hi, dear friends,

Just found that I am not able to ignore the name column property for role-palying dimension even though I only select one of the key columns for this dimension in the mining structure where the role-playing dimension is used? E.g I have a fact table (which is the case table for the mining structure) which is related to the role-playing date dimension. The schema is as following:

Dim_event_day_time_key

Dim_carrier_day_time_key

Dim_domain_day_time_key

.....................................

and other attibutes in the fact table.

When I dragged the 'hours' attribute from the dim_day_time table to the mining structure, if I left the key columns of 'Hours' as the above 3 columns, then I have to select a name column, by then I dont have a name column in the dimension table yet. Therefore I want to jsut select one key column as the key of that role-playing dimension in the mining structure, but then I am not able to ignore the 'name column' property as it still always asks me to select the 'name column' for that.



Therefore my question is: we are not allowed to select only one key columns in the mining structure for the role-playing dimension? And we will have to always go to the data source view to create a named calculation as the new column for the role-playing dimension?



Hope my question is clear for your advices and I am looking forward to hearing from you shortly.



Thanks a lot in advance.



With best regards,



Yours sincerely,

View 1 Replies View Related

SQL 2012 :: Altering The DB Role?

Sep 19, 2014

I have created a login with some restrictions ,By default the Login has DB_Owner Role,Now i want to change that Role to DB_datareader.

How can i alter the Login role from db_owner to db_datareader.

View 6 Replies View Related

SQL 2012 :: Grant Read-only Access To Windows Logins On Remote Standby Database

Mar 23, 2015

We log ship our production database tansaction logs to a secondary database on a separate remote domain.

Incidentally, this was not set up via the "Ship Transaction Logs" wizard, but instead we had to use the various system stored procedures after restoring a copy of the database on the remote domain in standby mode.

We now have an issue where users are unable to access the remote secondary database without having sysadmin privileges. Clearly we want to avoid this!

We want to be able to use Windows Authentication mode on the server of the secondary database. But since the two domains differ, is it possible to even achieve this?

How can we set up read-only access for users on the secondary database without giving them sysadmin privileges?

View 3 Replies View Related

Restrict Role To CREATE TABLE On An Assigned SCHEMA

May 9, 2008

Can anyone help me with this? The objective is to allow an application user (with db_datareader & db_datawriter database roles assigned) to be able to create tables in the assigned schema (dbo) via a new role.


-- Create User

use master

go

create login DBA with password='xx', CHECK_EXPIRATION=ON, CHECK_POLICY=ON

use AdventureWorks

go

create user dba from login DBA
alter user dba with DEFAULT_SCHEMA=dbo

go

-- Create Role

use AdventureWorks

go

create role sp_ddl_role AUTHORIZATION dbo

grant CREATE TABLE to sp_ddl_role



-- assign user to Role

use AdventureWorks

go

exec sp_addrolemember sp_ddl_role, dba

go

-- Create Table statement then run with following error
Error:

Msg 2760, Level 16, State 1, Line 1

The specified schema name "dbo" either does not exist or you do not have permission to use it.

Remedy: Grant ALTER on schema::dbo to sp_ddl_role

My problem is that I want to restrict user permissions via this role to just the CREATE TABLE and granting ALTER on a SCHEMA will open up a whole lot more permissions from a security standpoint.

Question: How do I restirct this role to just the CREATE TABLE within a SCHEMA?

View 1 Replies View Related

Alter UserDefined Datatype

May 3, 2007

How can I alter a userdefined datatype.

eg: A user defined datatype of Dt_Quantity numeric(16,0)

Want to change it to numeric(16,3).

Is it possible?

If it requires a system catelog updation please help.

This requirment is came after the implementation of the DataBase.

View 5 Replies View Related

Report Builder Model Generation - How To Create A Key Attribute Along With The Role?

Mar 28, 2007

Hi,



I have found that in the autogenerated model attributes are missing for those fields that have relations to other tables. At first, it may look reasonable since a user can still get down to the field's value through the relation/related table. However, if the relation's key fields is the only thing the user wants to display, then going down to the related table is an overkill.

I can add an attribute manually and bind it to the key field(s). Is there an option in the autogeneration process to do it automatically? The only post I've found so far suggests to do everything manually (http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1152575&SiteID=1). Is this the only way?



Thank you,

Leonid

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved