Script To Grant Execute For Sprocs

Aug 7, 2007

Hello.

I'm using what looks to be a popular script to grant execute privileges to stored procedures, and it works great as long as the user account that you want to grant to is not a domain account.
For example, I need to grant execute to myDomaindbUsers, but get a syntax error when the script tries to execute this statement:


SET @SQL = 'GRANT EXECUTE ON [' + @Owner

+ '].[' + @StoredProcedure

+ '] TO myDomaindbUsers'


Incorrect syntax near ''.




The script works fine if a non-concatenated user account is given.
We use Active Directory to manage our access, thus the domaingroup.
Has anyone found a way around this?
Thanks in advance.

Tess


Here's the entire script for anyone who's interested:




USE whateverDatabase

GO

DECLARE @SQL nvarchar(4000),

@Owner sysname,

@StoredProcedure sysname,

@RETURN int

-- Cursor of all the stored procedures in the current database

DECLARE cursStoredProcedures CURSOR FAST_FORWARD

FOR

SELECT USER_NAME(uid) Owner, [name] StoredProcedure

FROM sysobjects

WHERE xtype = 'P'

AND OBJECTPROPERTY(OBJECT_ID(QUOTENAME(USER_NAME(uid)) + '.' + QUOTENAME(name)), 'IsMSShipped') = 0

AND name LIKE 'p%'

OPEN cursStoredProcedures

-- "Prime the pump" and get the first row

FETCH NEXT FROM cursStoredProcedures

INTO @Owner, @StoredProcedure

-- Set the return code to 0

SET @RETURN = 0

-- Encapsulate the permissions assignment within a transaction

BEGIN TRAN

-- Cycle through the rows of the cursor

-- And grant permissions

WHILE ((@@FETCH_STATUS = 0) AND (@RETURN = 0))

BEGIN

-- Create the SQL Statement. Since we€™re giving

-- access to all stored procedures, we have to

-- use a two-part naming convention to get the owner.

SET @SQL = 'GRANT EXECUTE ON [' + @Owner

+ '].[' + @StoredProcedure

+ '] TO myDomaindbUsers'

-- Execute the SQL statement

EXEC @RETURN = sp_executesql @SQL

-- Get the next row

FETCH NEXT FROM cursStoredProcedures

INTO @Owner, @StoredProcedure

END

-- Clean-up after the cursor

CLOSE cursStoredProcedures

DEALLOCATE cursStoredProcedures

-- Check to see if the WHILE loop exited with an error.

IF (@RETURN = 0)

BEGIN

-- Exited fine, commit the permissions

COMMIT TRAN

END

ELSE

BEGIN

-- Exited with an error, rollback any changes

ROLLBACK TRAN



-- Report the error

SET @SQL = 'Error granting permission to ['

+ @Owner + '].[' + @StoredProcedure + ']'

RAISERROR(@SQL, 16, 1)

END

GO

View 3 Replies


ADVERTISEMENT

Grant Execute On Sproc Doesn't Grant Privilege To Update?

Oct 31, 2014

I am writing a stored procedure which updates a table, but when I run the stored procedure using a login that I have granted execute privileges on, then I get a message that I cannot run an update on the table. This would happen in dynamic sql... while my SQL has parameter references, I don't think it is considered dynamic SQL?

sproc:
CREATE PROCEDURE [schemaname].[SetUserCulture]
@UserID int
, @Culture nvarchar(10)
AS
UPDATE dbo.SecUser
SET Culture = @Culture
WHERE UserID = @UserID

execute SQL:
EXEC schemaname.SetUserCulture @UserID = 9, @Culture = N'x'

error:
The UPDATE permission was denied on the object 'SecUser', database 'DatabaseName', schema 'schemaname'.

View 8 Replies View Related

Best Way To Execute Heavy Sprocs Wihtout Slowdown

Aug 27, 2007

Hi,

Just a general question here.. I'm designing a web application that might have 50 million - 100 million rows plus. Basically its a simple logging table each row probably only 24 bytes wide, however I can see it taking quite awhile to execute.

The query is basically a group by, showing the amount of "hits" per day.

Are there any special types of strategies I should implement ? Or is a properly designed structure with indexes likely sufficient (on the right hardware of course)

Thanks for any advice!,
Mike

View 7 Replies View Related

GRANT EXECUTE ON [GRANT EXECUTE]

May 6, 2008

Hi,

I want one of my database users to be able to grant execute to procedures, but I don't want the user to have sys admin rights.

Is this possible. Kind of a statement like the following:

GRANT EXECUTE ON [GRANT EXECUTE] TO myuser

Thanks in advance

View 9 Replies View Related

"Execute Any Procedure" Grant?

Feb 9, 2001

I am trying to set up a security system for my senior developers where they automatically can execute any procedure. It is in the System Administrator server role. Is there any way I can grant this role to their database role withour giving them complete System Adminstrator rights?

View 3 Replies View Related

How To Grant Execute On Xp_cmdshell??

Apr 2, 2002

Can anyone help me please.
Healp please.
Does anybody know how to make xp cmdshell runnable for users other than Admin. It should be possible to grant execute to others, but i can't figure out how.

This is what i found:

Be aware that when you grant execute permission for xp_cmdshell to users, the users will be able to execute any operating-system command at the Windows NT command shell that the account running SQL Server (typically local system) has privilege to execute.

To restrict xp_cmdshell access to users who have administrator permission on the Windows NT-based computer where SQL Server is running, use SQL Setup or SQL Enterprise Manager to set the server options, selecting the "xp_cmdshell - Impersonates Client" option. With this option selected, only users who have connected to SQL Server via a trusted connection and are members of the local Administrators group on that computer are allowed to use xp_cmdshell. The commands run by xp_cmdshell continue to execute in the server's security context.

View 1 Replies View Related

Grant Create - And Execute - Procedures

May 6, 2008

I am creating a login with a user in one database. The id has to
create procedures in the dbo schema, execute them, and grant execute on them to other users.
BOL says to
GRANT ALTER ON SCHEMA::DBO TO username ;
GRANT CREATE PROCEDURE TO username ;
I did that. User can now create procedures, but cannot execute what he creates. And cannot grant execute on the sp to anybody.

I don't want to give this id a lot of priviledges.

View 16 Replies View Related

Grant Execute Permission In 2000

Dec 11, 2006

does anyone know how to do this, its :

GRANT EXECUTE ...

for 2005 but for 2000?

View 6 Replies View Related

How Do I Grant Execute/edit For A DTS Package?

Mar 3, 2008

Hi, I have created a DTS Package in SQL Server 2000, is there any way that a different user can edit and execute that DTS WITHOUT having server roles?


Thanks

View 6 Replies View Related

Grant Execute To Role But Permissions Dont Show Up

Apr 5, 2008

I have a stored procedure in which at the bottom of the code, im granting execute permissions to a role I have defined. However, when I view the permissions on the procedure, the role isnt there, what could I be missing ? The procedures were all created under the default or dbo schema. I could manually give the permissions to the role, but id rather have it scripted.

help ?

View 5 Replies View Related

How To Grant Rights For The Anonymous IIS Web User IUSR_.. To Execute Scalar Function In Assembly

Jul 26, 2006

Dear all,

Basically I want to set chain up the rights so that the anonymous web user IUSR_ .. can execute the new .NET subs, functions etc in the assembly, just as the anonymous web user can execute Stored Procedures when granted. In this way, it should be possible to call the .NET assembly just as classic stored procedures from ASP/ASP.NET.

I have written a .NET function which I can successfully execute if I log on to the database as an administrator by sending this T-SQL query; it returns the result of a given string:

select dbo.CLRHTMLString('abc')

The scenario is now to try to grant access to this assembly for a different role (webuser), which the classic IUSR_MYSERVERNAME is a login of, so that I can call the .NET Assembly when I am authenticated as the anonymous web user (e.g. via ASP, etc.).

To test access, I created a login (webusertest) for a user (webusertest) in the same role (webuser) on the database. But when I use this login, which supposedly has the same rights as the IUSR_, execution right is denied:

EXECUTE permission denied on object 'CLRHTMLString', database 'adt_db', schema 'dbo'.

Note: The 'webuser' database role has Execute permission on the Assembly.

I have also tested this from my actual web page, with the following results:
(1) IUSR_MYSERVER member of db_owner role: Web page has right to call assembly.
(2) IUSR_MYSERVER not member of db_owner role: Web page does not have right to call assembly.

Further test results:
(3) Function can be called when making the user "webusertest" member of the "db_owner" role, which is too much rights to grant for the anonymous web user.

(4) When adding the user 'webusertest' to get 'Execute' permissions on the assembly, it does not get added. After clicking OK, there is no warning message, but when opening the Assembly Properties -> Permission dialog box the same time, the 'webusertest' user does not appear in the list.

Thankful for any advice on this matter.

View 4 Replies View Related

Advantages Of Using CRL Sprocs Over T-SQL Sprocs?

Apr 23, 2006

I am wondering what the advantages of using CRL Sprocs over T-SQL sprocs and what not.

Looking for such comparison and articles on websites resulted in only "how to create CRL sprocs" but none of them were talking about what they are used for in what situations.

I would really appreciate it if you guys can post comments, links and external articles.

Thank you in advance.

View 1 Replies View Related

GRANT SELECT ON [dbo].[TblAreaCatmap] TO [admin] Prevent Grant From Being Automaticly Add To Each Column

Oct 15, 2007



GRANT SELECT ON [dbo].[TblAreaCatmap] TO [admin] prevent grant from being automaticly add to each column?

Is there a way when you issue a grant select to a table or a view to not also grant select for each column.

The problem is when you use the grant command it automaticly adds the grant command to each column. I want to grant the permission at the table level so when the table is scripted it only has a single grant command instead of a grant for the table and a grant for each column which is not needed.

The sql managemnt studion interface will allow you to do this but onlt by using the interface. If you issue the above command from a query window it also creates A GRANT FOR EVERY COLUMN. How can I stop this behavior.

View 9 Replies View Related

How To Grant Create View Access Without Grant Alter On Schema::

Aug 16, 2007

In SQL Server 2005 SP2 I want to grant the ability to create views to a user but in order to do this it requires that the users has the ability to grant alter on a schema.

Is there any way to grant this privilage without granting alter on schema also?

View 1 Replies View Related

Finding Logins That Have GRANT CONTROL And GRANT VIEW DEFINITION

Jul 21, 2015

Have a certificate and symmetric key that i have used the following to GRANT to logins. How can I find out which SQL logins have the GRANT CONTROL and GRANT VIEW DEFINTION?

GRANT VIEW DEFINITION ON SYMMETRIC KEY:: Symetric1 TO Brenda
GRANT CONTROL ON CERTIFICATE:: Certificate1 to Brenda

View 5 Replies View Related

About Those Sp_ Sprocs

Mar 6, 2007

I find the replication put many sprocs with sp_ prefix in our database. Do you think that should be changed? I have been told not to use sp_. See http://www.sqlmag.com/Article/ArticleID/23011/sql_server_23011.html.

View 3 Replies View Related

Sprocs Vs Sql Queries.

Apr 29, 2007

i have a question.  how do i protect my website from sql injection.right now most of my queries are in the form of:  Public Sub updateCredits(ByVal deduct As Int16, ByVal userid As Guid)            Dim cmd As New SqlCommand            Dim con As New SqlConnection(ConfigurationManager.ConnectionStrings("LocalSqlServer2").ConnectionString)            cmd.Connection = con            cmd.CommandType = Data.CommandType.Text            cmd.CommandText = "Update [userprofile] SET credits = credits - @c WHERE userID= @id"            cmd.Parameters.Add("@id", SqlDbType.UniqueIdentifier).Value = userid            cmd.Parameters.Add("@c", SqlDbType.Int).Value = deduct            Using con                con.Open()                cmd.ExecuteNonQuery()                con.Close()            End Using            cmd.Dispose()        End Sub is that a safe way to do it? using parameters and stuff? or should i completely switch over to stored procedures as i hear they are safer. 

View 12 Replies View Related

Sprocs- What Actually Got Executed?

Sep 21, 2005

I know you can use sql profiler to see what sqlcode actually executed when you run a sproc, but is there any way toget this information in asp.net? After executing a sproc, I'd like to send the sqlcode that was sent, to my Audit class. Is there any wayto retrieve this in asp.net itself?cheers!

View 1 Replies View Related

Variables In Sprocs

Sep 27, 2001

While trying to assign a variable a table name then later use the variable name in a select statement (ie select sys_id from @table_name) it fails and says incorrect syntax.

How can I use a variable for a table name to later use within the sproc?

View 2 Replies View Related

Exec And Sprocs

Nov 7, 2000

is it possible to have a sproc with a input parm of a column name and have this column name be inserted into an exec statement that runs and provides the output as a OUTPUT parm instead of a result set?

i can get the sproc to take the column name as a parm, run the exec, but cannot figure out how to assign the "dynamic sql" output to a OUTPUT variable instead of returning the result set.

View 1 Replies View Related

SQL Server Views Vs Sprocs

Aug 30, 2006

I know that stored procedures(sql server) caches stored procedures in memory where it keeps the compiled execution plan in memory, how does it work with the views does sql server store /cache the views. Just wondering Thanks 

View 2 Replies View Related

Generated Sprocs Of VS2005

Oct 24, 2006

Can someone explain the generated sprocs of VS2005 if one column can be nullableDependentOfSeqID = @Original_DependentOfSeqID OR ((@IsNull_DependentOfSeqID = 1) AND (DependentOfSeqID IS NULL))In VS2003 the generated sprocs would beDependentOfSeqID = @Original_DependentOfSeqID OR ((@Original_DependentOfSeqID IS NULL) AND (DependentOfSeqID IS NULL))Which is the best? 

View 1 Replies View Related

UNION 2 Sprocs From Within A Sproc

Aug 21, 2004

Hello,

I have 3 stored procedures.

A, B, C

sproc B has input variable of int



In sproc A, I want to execute B, then C and UNION them together

Can some one possible help me out with syntax?

Thanks a lot.

View 3 Replies View Related

Search For A Phrase In Sprocs

Jul 10, 2007

Due to a business rule change, I had to take what was 1 column in a table and split it off into a new table. Now I need to find every time that column is used in a SPROC and change those sprocs. Is there a way to sift through the sprocs to search for a "phrase" (the column name) -- other than reading through every one manually?

Thanks
Mark

View 11 Replies View Related

Cyclomatic Complexity For Sprocs

May 8, 2015

there's a concept named cyclomatic complexity in software dev which measures the complexity of code by its number of decision points. This would be measured by # of if statements, nested if statements, etc in a method.

Do SQL queries have any type of equivalent? For example, # of joins, # of conditions, etc. Factors into a complexity metric which indicate how complex, risky or error-prone a sproc might be based on certain factors?

View 1 Replies View Related

Alternative To EM For Writing Sprocs?

Oct 11, 2005

I've been using EM for writing stored procedures. I am ready to upgrade to something that works like an IDE. What do you use?

View 7 Replies View Related

How Can I Search All My Sprocs To See If Any Use A Function?

May 6, 2008

Anyone have the code that would allow me to see if any of my sprocs contain references to a function? I imagine it would someting like select name from sysobjecst where charindex(whatevertextis, 'ufnName') > 0

Thanks

View 5 Replies View Related

Rollback When Debugging T-sql Sprocs In VS2005

Apr 27, 2007

Hi,

Is it possible to rollback changes made to the DB when debugging a t-sql sproc in VS2005? i.e. step through the sproc, then hit rollback and be able to step through it again in the same state

Thanks, moff.

View 4 Replies View Related

Copying Sprocs, DTS To Multiple DBs And Servers

May 3, 2007

We have a growing number of servers and databases on each server that all share the same (sub)set of sprocs and UDFs. DTS packages, which we use for data import, frequently need to be copied between the servers. What is the best way to maintain this? Ideally, I would like to be able to click a button and have a script creating or altering one or more sprocs automatically run aginst all DBs on all servers. Likewise, I'd like to be able to copy DTS packages to all servers.

We use SS2000 SP4 and plan to migrate to SS2005. We also use ASP.net 2.0 and VS 2005 SP1.

View 4 Replies View Related

Very Basic Questions About Tsql Sprocs

Apr 2, 2008



Hi,

I really confused , I wanna get an rowid on sql 2000 table so I have created a sproc and it's syntax is OK
How can I check it on sql query analyzer? this sql server 2000
Also How can I use that in select statement?

thanks..

here is my select statement which I have to use sproc inside
select custid,ordernum,sku,amount,
dbo.get_rownums (custid,ordernum,sku ) ???
from tp_cod cod

here is my sproc:
CREATE PROCEDURE [dbo].[get_rownums] @custid as varchar(10),@ordernum as varchar(5),@sku as varchar(10) , @i as int output
AS
BEGIN
DECLARE @SkuID as varchar(10)
--DECLARE @i as int
DECLARE got_sku CURSOR FOR
Select sku from tp_cod where custid=@custid and ordernum=@ordernum
set nocount on
set @i=0
OPEN got_sku
FETCH NEXT FROM got_sku INTO @SkuID
WHILE @@FETCH_STATUS = 0
BEGIN
Set @i =@i + 1
if @SkuID=@sku
begin
return @i
end
else
begin FETCH NEXT FROM got_sku INTO @SkuID end
END
CLOSE got_sku
DEALLOCATE got_sku
END
GO

View 25 Replies View Related

Issues With 1.1 Framework Calling SQL 2005 CLR Sprocs?

Oct 5, 2006

Are there any issues calling SQL 2005 CLR bases stored procedures and functions from a web application which uses the dotnet 1.1 framework?

I assume not, but would like advice from those who've been there...

Thanks,

Marie

View 3 Replies View Related

Config Files For .Net Code In Managed Sprocs

Oct 3, 2006

I have been attempting to create a managed stored procedure which calls a web service using WSE 3.0 for security.

It appears that the WSE-generated config file (or possibly the app.config file) is not accessible to the .Net code.

Is there a method for using config files with CLR managed sprocs?


Thanks,
Max

View 1 Replies View Related

How To Script Muplitple SPROCS/VIEWS At One Time

Mar 30, 2006

In Enterprise Manager one can select several SPROCS/VIEWS using the CONTROL key and then Right-Click to script out those objects. Alternativly, pressing CONTROL-C copies, to the clipboard, the T-SQL to create the selected objects.

SQL Management Studio seems to only allow you to script one object at a time.

Is there a way in SQL Management Studio to select multiple objects and generate create or modify scripts?

View 5 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved