SUSER_SNAME Vs. CURRENT_USER
Oct 13, 2005which one should I use to record update made by users
suser_sname() or Current_User?
Current_User
System_User
User_Name
Suser_Sname()
ADVERTISEMENT
Always Return Dbo When Run Select Current_user Command As A Windows Account
Oct 11, 2007
I use a windows account "mydomainuser1" to login sql server
The "select current_user" always return "dbo" instead of "mydomainuser1"...
It also return "dbo" after i explicitly run "execute as user=''mydomainuser1" command
Why?
thanks
SUSER_SNAME() In Windows Intranet App
Oct 19, 2006I've just broken out in a bit of a cold sweat on reading a couple of other posts in here...My scenario is that I've developing an intranet only application which will use Windows authentication at the back end, with users allocated into several NT groups (Users, Managers, PowerUsers, Admin etc) and given permissions to the appropriate stored procedures/ views. Windows security will also be used on the front end, so that less privileged users won't be able to see web pages or their menu entries. I'm assuming this is a common scenario and have been blithely developing away without giving much extra consideration to it. However, I'm using SUSER_SNAME() in some of my procs and triggers to record who updated or inserted records. From what I've read, it appears that this function will only return the ASP.NET user, not the Windows NT username of the person under a Windows authenticated ASP.NET application. Is this correct? If so, does all the security have to be scripted in the front end, and given that triggers don't take parameters, how can I supply a trigger with the actual name of the person who made the change.Apologies if I have the wrong end of the stick, I have no way of actually testing the security out at present as I'm working from home, but this is quite alarming, as you can imagine.
View 2 Replies View RelatedNon-deterministic System Function Suser_sname
Dec 8, 2007Hi,
I am using Sql Server 2005 as the database management and Access 2003 as the front-end. In the database, I intend to give different views of tables to different users. That's why I used suser_sname system function, which returns the windows login id and authenticates users to see different records in the same view. What I want to do in Access is, allowing some specific users to be able to do update, insert and delete operations through a form based on this view (which only depends on 1 table). However, Access tells me that "the recordset is not updateable". In order to be able to change records, I tried to create new index for the view in Sql Server, which failed giving "Sql Server, Error number:1949" and telling me that it fails since suser_sname yields non-deterministic results. The strange thing is that when I open VB Editor in Access and write a simple update code within this form, it updates both the view and the table in the database. My question is: How can I do update, delete and insert operations on the form directly? Is there a way to do the authentication without using a nondeterministic function in Sql Server or using the front-end Access 2003? Maybe a function similar to the current_user function in Access can do that, I don't know.
It's been a long question but I desperately need the answer. Any thanks will be appreciated.
Non-deterministic System Function Suser_sname-I Think Here Is The Right Place For My Question
Dec 8, 2007
Hi,
I am using Sql Server 2005 as the database management and Access 2003 as the front-end. In the database, I intend to give different views of tables to different users. That's why I used suser_sname system function, which returns the windows login id and authenticates users to see different records in the same view. What I want to do in Access is, allowing some specific users to be able to do update, insert and delete operations through a form based on this view (which only depends on 1 table). However, Access tells me that "the recordset is not updateable". In order to be able to change records, I tried to create new index for the view in Sql Server, which failed giving "Sql Server, Error number:1949" and telling me that it fails since suser_sname yields non-deterministic results. The strange thing is that when I open VB Editor in Access and write a simple update code within this form, it updates both the view and the table in the database. My question is: How can I do update, delete and insert operations on the form directly? Is there a way to do the authentication without using a nondeterministic function in Sql Server or using the front-end Access 2003? Maybe a function similar to the current_user function in Access can do that, I don't know.
It's been a long question but I desperately need the answer. Any thanks will be appreciated.