SQL Security :: Give Access To Create Alter And Execute SPs In Server 2008R2

May 12, 2015

Is there a way i can grant a windows authenticated user say abcadam privilege:

-> to create, execute and alter the stored procedures that will be created by him only:

Point is we do not want the user to execute alter or modify other stored procedures out there for that DB

View 13 Replies


ADVERTISEMENT

SQL Security :: How To Find Who Alter Database User Access Changes In Server

Oct 6, 2015

someone was alter user  databases owner access.

how to find  who alter evoke  the database user access changes in sql server.

View 5 Replies View Related

Custom Security Extension: How To Give Access To Everyone

May 29, 2007

Hi All,



My application is currently integration with reporting services using custom security extension. I have my own USER and ROLE database to determine who/which role can access certain reports.

My question is how to give access a report to be viewable by everyone? I dont want to assign all users or all roles to achieve this.

The other thing that I found out is, let say I change the name one of the user/role. Because of this, the authorization will fail because the old name/role is not in the DB anymore. Is this expected? or is there a workaround it?



Your help is appreciated.



Thanks!

View 2 Replies View Related

SQL Security :: Create Database User And Give Grants To Few System Tables

Aug 12, 2015

Need to create a user in sql server provide grants to few system tables to the above user.

View 10 Replies View Related

How Do I Give A User Access To SQL Server?

Sep 7, 2006

Hi all



I tried using my administrator account to add SQLServer as an ODBC Connection, but for some reason when it tries authenticating it fails and the reason is that the user is not trusted to use that connection. Yet on my account i've created on my domain works perfectly.

I've added a new user in SQL Enterprise manager, but i still get that error.



How do I set the user to be trusted to use the connection?

Any and as many assists on this would be great.



Kr33

View 6 Replies View Related

Does Security Admin Have Access To Create Logins Using Sp_addlogin

May 31, 2007

i have an asp.net web application that uses SQL2000 backend. any users login to the application using a proper SQL login. so each user has unique logins

One of the roles within the application is to allow the user to create new logins for the application which inturn creates a SQL login. for this i have been using the following special sp's within an application specific sp:-

EXEC sp_addlogin @strUsername, null, 'WEA_MIS', @loginlang
EXEC sp_grantdbaccess @strUsername, @strUsername
EXEC sp_addrolemember @strRole, @strUsername
EXEC sp_password NULL, @strPassword, @strUsername




the only way ican get this to run is if the user executing the sp is a member of sys admin, ideally i dont want to be giving anyone access to sys admin. i thought security admin would allow me to do the above but it doesnt. Is there any other ways or ideas to get around this problem

Cheers,
Craig

View 5 Replies View Related

SQL Server 2008 :: Give Access To Item On Table

Sep 6, 2015

I am designing an application where multiple users can be assign to a product for review. If a user doesn't have access to the product, they are not allowed to see it. I have attached my table design. All users are assign to a role. See attached screen

View 1 Replies View Related

Why Did MS Give Access To Reports Thru Both Reporting Manager And Report Server?

Dec 20, 2007

what is MS's strategy for having two off the shelf ways of getting at reports? In a typical company, is the average non administrator type user getting at his reports via one, the other, both?

View 1 Replies View Related

How Can I Use Create Or Alter Statements With ODBC And Microsoft Access ODBC Driver (*mdb)?

May 13, 2007



Hi,



I am using VB.NET 2005 and set up an ODBC connection via ODBC.ODBCConnection to a MDB database. Therefor, I use the "Microsoft Access ODBC Driver (*.mdb)".



When I set up a ODBCCommand like "ALTER DATABASE..." or "CREATE TABLE..." and issue it with the com.ExecuteNonQuery() command, I get an error from ODBC driver, that a SQL statement has to begin with SELECT, INSERT, UPDATE or DELETE.



How can I use DDL statements via ODBC?



I would appreciate if you could help me to use ODBC for that - no OLE, no ADO.



Thanks for help!



Regards,

Stefan D.

View 14 Replies View Related

How To Grant Create View Access Without Grant Alter On Schema::

Aug 16, 2007

In SQL Server 2005 SP2 I want to grant the ability to create views to a user but in order to do this it requires that the users has the ability to grant alter on a schema.

Is there any way to grant this privilage without granting alter on schema also?

View 1 Replies View Related

How Do I Give EXECUTE Permissions On Stored Procedures?

Sep 20, 2007

Hey guys,I'm pretty new to SQL configuration, and I need to give EXECUTEpersmissions for one of the SQL user roles. I am running SQL 2005Management Studio Express - free version. I found the list of mystored procedures, but I can not locate any permissions screen. Cansomeone help point me in the right direction? Thanks!

View 7 Replies View Related

SQL Server Admin 2014 :: Does Security-admin Role Plus Deny Alter Any Login Cancel Each Other Out

Aug 27, 2015

I want to set up a database role so that users can use sp_readerrorlog through SSMS. It does a check on membership in the securityadmin role.

I have tested it and can see you can grant execute on xp_readerrorlog but the SSMS GUI uses sp_readerrorlog.

I thought I could create a user/certificate and add the signature to sp_readerrorlog but it's not permitted (likely because it's not a normal database object).

So the other solution is to add the users to the securityadmin role but then explicitly deny alter any login (best done with a custom server role in 2012+ but otherwise just manually in 2008). I tested this out and it works, I'm not able to alter any logins or increase my own permissions, I also did a check of what's reported from fn_my_permissions(null, null) and it shows minimal permissions like I'd expect.

View 0 Replies View Related

Is There A Way To Give Someone The Right To Create Only Views And No Other Objects In A Database

Feb 25, 2008

Is there a way to give someone the right to create only views and no other objects in a database? Currently I have given the individual ddladmin database rose, but would rather be more restrictive?

View 1 Replies View Related

DB Engine :: Re-indexing And Update Stats Of Mixed Compatibility Databases In Server 2008r2

Jun 15, 2015

We have recently migrated quite a databases around 20 from SQL 2000 and 2005 to SQL server 2008R2.

I am using Ola's script for index maintenance for those with compatibility level above 80 as i heard it supports that way.

Hence separated in 2 way job where for those with compatibility level 80, we are running job with below query on each database with 80 as compared

USE ABC
GO
EXEC sp_MSforeachtable @command1="print '?' DBCC DBREINDEX ('?', ' ', 80)"
GO
EXEC sp_updatestats
GO

I am not sure if this is the only way in for those databases, because we are seeing the database getting because of that somewhere using above query.( seems log file filling very rapidly).

But above is not the case with those databases , with compatibility 90 and above.

View 5 Replies View Related

How To Give ASPNET Account Permission To Access DB's

Jun 16, 2005

I'm creating one of my first asp.net pages, and it accesses an MS SQL database.It runs fine locally, but if you go to it remotely through a web browser, you get an exception saying that the database login failed for user ASPNET.My brother told me to do the following in SQL Server Managment studio.  It seems I don't have that program installed, so I did it from the SQL command prompt.CREATE LOGIN [bigblueASPNET] FROM WINDOWSuse AdventureWorkscreate user [bigblueASPNET](Where "bigblue" is the computer name and "AdventureWorks" is the database my asp.net web page reads from).This only partially fixed the problem - now when you open the page remotely and try to access the DB I get an error message saying that permission to use the SELECT command is denied.I searched on these forums, and found this:http://forums.asp.net/69166/ShowPost.aspxFor future reference, let's call what my brother told me "Method 1" and what the previous poster did as "Method 2."I haven't tried method 2 because I don't know exactly what I am giving ASPNET permission to do.  Does method 2 enable ASPNET to do anything to any database?  It seems method 1 is more secure, as from the commands I could already tell it only has permission to access AdventureWorks.So, I'd prefer to use method 1.  Can anyone tell me what further commands I can use to give ASPNET permission to do specific actions?If I can't figure out method 1 and have to do method 2, how can I undo what I did in method 1?Thanks!

View 1 Replies View Related

Give Access To Local Express Database

May 28, 2015

I've created a local server from Sql Express, and report server from Reporting service configuration manager, and than publish a report on the local report server. I want to give access to the other computer user to the sql reports, database and report server.

View 0 Replies View Related

Code Access Security Across Multiple Assembly Security Extension

Oct 14, 2005

Hello there I have trying to figure out for days how to enable FullTrust for my Reporting Services security extension.

View 9 Replies View Related

Create A Query That Will Give Result Set Containing Primary Order On Type

May 14, 2012

I have a table with plant types and plant names. Certain plants are grouped on a custom field, currently called Field. I am trying to create a query that will give me a result set containing the primary order on Type, but need items with the same 'Field' value grouped by each other.For example, the following shows a standard query result with "order by Type", ie select * from plants order by Type

Code:
ID Type Name Field
1 Type1Name1(group1)
2 Type2Name2(group2) -group2
3 Type3Name3(group3)
4 Type4Name4(group4)
5 Type5Name5(group2) -group2
6 Type6Name6(group6)

But I want it to look like this, with fields of the same value located next to each other in the result set (but still initially ordered by Type)

Code:
1 Type1Name1(group1)
2 Type2Name2(group2) -group2
5 Type5Name5(group2) -group2
3 Type3Name3(group3)
4 Type4Name4(group4)
6 Type6Name6(group6)

View 7 Replies View Related

Transact SQL :: Create A Report Which Would Give Latest Transaction On Database

Jul 17, 2015

I'm trying to create a report which would give the latest transaction on a database, which all sit on different servers. I wanted to know if there is an a simple way tracking the latest transactions instead of getting the information from the database tables.

View 3 Replies View Related

Transact SQL :: Create A Pivot Query That Will Give Result That Is Horizontal

Jul 8, 2015

I have some data which is vertical...I want to create a pivot query in SQL that will give me a result that is horizontal like this. I cannot find a way of doing it without lots of IF or CASE statements?

View 10 Replies View Related

SQL Server Access/Security

Aug 22, 2001

In the process of reviewing all Security access into our production servers, I found a user login name of 'BUILTIN/Administrators' with the type 'NT Group' in our production DB. I am not sure whether this Login was setup automatically when SQLServer was installed or it was setup by the administrator, who is no longer with the company? I was able to find out all the users in the Administrators NT group, but what threw me was the word 'BUILTIN' . Are there other Logins besides 'sa' that get setup during the install?

Thanks.

Helen

View 1 Replies View Related

How Do I Give A User Access To See Jobs Via Enterprise Manager ?

May 11, 2001

Hi,

I have a user who has created several SQL7 databases and uses a VB app which schedules jobs (under the sa account) on the SQL server. How can I allow this user to view scheduled jobs on the server ? I don't want to give him too many priviledges.

Thanks,

Tim

View 4 Replies View Related

Create A View That Will Give Most Current Status (by Statusdatetime) Of Each Order Number

Jan 20, 2015

We are having trouble figuring out how to create a view for this scenario:

We have a status log table that holds an order number, statusdatetime, and statuscode. This table will have multiple status' for the same order number. I want to create a view that will give me the most current status (by statusdatetime) of each order number. This view would show: order number, statusdatetime, and statuscode.

Here is a sample of the data:

Order numberStatusDateTimeStatusCode
1234512/15/2014 15:00CREATE
1234512/15/2014 16:30CONFIRMED
4567812/16/2014 08:00CREATE
9876412/18/2014 12:00CREATE
9876412/19/2014 08:00CONFIRMED
4567812/17/2014 09:30CONFIRMED
4567812/19/2014 15:30IN-TRANSIT

So my view should result in :

Order numberStatusDateTimeStatusCode
1234512/15/2014 16:30CONFIRMED
9876412/19/2014 08:00CONFIRMED
4567812/19/2014 15:30IN-TRANSIT

View 4 Replies View Related

How Do I Create A SQL Server Job To Execute A .exe File?

Jun 10, 1999

I am having trouble getting a job step to execute an executable file. One of the options for a job step is to enter an operating system command. I have tried entering the following operating system command to execute a file:

'start c:myfile.exe'

For some reason this doesn't work. How can I get SQL Server to execute an executable file?

View 3 Replies View Related

IIS Access To SQL Server With Trusted Security

Dec 7, 2000

Does anyone know of a component or other mini application that can be run on the IIS server and allow IIS to access SQL Server 7 databases using Trusted Security.

Our security unit has required us to run SQL Server with Trusted Security so changing to Mixed mode is not an option. We are also not allowed to use Basic Authentication for Active Server Pages with IIS. IIS and SQL server are also on different machines.

We are looking into the possibility of trying to create a component that would run on the IIS machine to allow us to use Trusted Security to the SQL Server (in effect try to make it work the same way that the Cold Fusion product does).

Any help would be really appreciated.

Thanks

View 1 Replies View Related

Need Access-like Security Of SQL Server Express

Jun 8, 2007

Is there a way to implement Access-like password protection on a SQL Server Express dataset?



The database will be deployed on individual's PCs with no centralization of control. I want to restrict users from being able to see table definitions, stored procedures, etc. Access-like password protection is what I want, but I don't see any similar feature within SQL Server Express. Am I missing something?

View 1 Replies View Related

SQL Security :: Create Linked Server Using Windows Authentication

Sep 9, 2015

I have two SQL Server machines - RPTPROD and DATAPROD.

I wanted to create a linked server from RPTPROD pointing to DATAPROD using Windows Authentication.  When I tried to create this linked server, I keep getting this error

"Login failed for user 'NT AUTHORITYANNOYMOUS LOGON' (Microsoft SQL Server,Error: 18456)".  

On the "Security" page, I chose "Be made using the login's current security context".   I'm sysadmin on both SQL Server machines.  

View 3 Replies View Related

Why ALTER QUEUE WITH STATUS=OFF Execute The Activation SP?

Jul 18, 2007



Hello,

I have a strange error that occurs if I run ALTER QUEUE with status = OFF on my receiving queue...



Purpose of the test was to check that when the queue get disabled all my event notification set up works fine ..

I found out that the Event Notification will not be thrown if I call ALTER QUEUE with status = OFF on a queue that has not messages inside but If I run anyway ALTER QUEUE with status = OFF I found out that the receive activation Stored Procedure is called and because the code is wrapped around a

BEGIN TRY

...

END TRY

BEGIN CATCH

RAISEERROR (.........) WITH LOG

END CATCH



the SP goes in the catch block and actually I see my Application event log full of entries that contains:

The conversation handle is missing. Specify a conversation handle.'



First at all:

why the activated stored procedure is called if I execute:ALTER QUEUE with status = OFF ?



Thanks

Marina B.

View 2 Replies View Related

Attach Databases Dialog Doesn't Give Mw Access To My VWD Folders

Mar 25, 2007

I'm using SQL Server Management Studio eExpress and I'm tryng to link to a database created in Visual Web Developer Express. My problem is that I can't see large parts of my file system when I try to attach a database in SQL Server Express. Web Developer Express likes to put its databases in C:Documents and Settings<User Name>My DocumentsVisual Studio 2005WebSites<Site Name>App_Data. However, when I try to attach a database in that location to SQL Server Express (Right Click Databases node, select Attach from the shortcut menu then Add from the Attach Databases dialog) I get a folder tree that won’t let me go any further than C:Documents and Settings<User Name>. There seem to be large parts of my folder structure that I cannot access with this dialog.
 
Just in case this is a permissions issue, I am using Windows XP Pro on a stand alone machine. I log on as Administrator, and the <User Name> in the above paths is Administrator. The Administrator is a member of the Administrators group. I have never logged on as anything else and never made any changes to the way permissions are set. When I start SQL Server express I select Windows Authentication.
 
TIA

View 3 Replies View Related

DB Design :: Create Views From 2 Tables One Of Which Is Lookup Table That Will Give Column Names

Aug 5, 2015

I am trying a create views that would join 2 tables:

Table 1: Has all the columns need by a view (
Name: Product
Structure: ID, Attribute 1, Attribute 2, Attribute 3, Attribute 4, Attribute 5 etc
Table 2: Is a lookup table that provides the names of columns
Name: lookupTable
Structure: tableName, ColumnName, columnValue
Values: Product, Attribute1, Color
Product, Attribute2, Size
Product, Attribute3, Flavor
Product, Attribute4, Shape

I want to create a view that looks like

ID, Color, Size, Flavor, Shape

View 4 Replies View Related

SQL Security :: Deny Alter And Drop Permissions On ONLY Stored Procedures

Aug 19, 2015

We have a generic sql login "prduser". Applications use this login. We want the login NOT to have ALTER PROCEDURE and DROP PROCEDURE permissions only on the stored procedures(there are thousands of them).

View 17 Replies View Related

Security For MS Access Frontend && SQL Server Backend?

Jan 23, 2004

Hi, this is my first post (hopefully of many) on this board. Just wanted to say a quick hello before I dive into my question. :)

As the title suggested, I have to develop a MS Access form app (yes, it has to be Access - I know it sucks) that will post and query data to and from a remote SQL Server db. While I have no problem linking the two through the default ODBC drivers, my question is security. Some (actually most all) of the data being passed back and forth is sensative information, and I would like to know the best way to keep it safe.

If anybody has any suggestions, instructions, or can redirect me to a good FAQ site on the subject, I would be most appreciative. I have already done a search on these forums for an answer, but have sadly come up short.

Thanks to all in advance!

View 3 Replies View Related

SQL Server Security Setup For Web Application Access

Jun 6, 2007

All:

I am writing an Internet/Extranet based (ASP.Net 2.0) web application that uses SQL server 2005 as the database. I am using forms authentication on my web application. I am also storing the connection string to SQL server in my web config file. The conn string is encrypted using DPAPI with entropy. I currently have created a SQL login account on my SQL server for use by the web application. This is the user ID I am using in my conn string. The reason for this is because all persons using the application will NOT have a windows login.

Here is my question: The login I created currently has defaulted to the "dbo" role and therefore has "dbo" rights to the database. I want to setup up this login account so that all it can do is execute stored procedures. I dont want this SQL login to be able to do anything else. In my application I am using stored procedures for ALL data access functions, via a data access layer in my application. Can someone guide me step by step as to how to setup this type of access for this SQL login.

Thanks,

Blue.

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved