Hi , I'm looking for a way that SQL-S7 tells me, what db-role I have.
I want to avoid that the server generates an error message when I'm not
authorized to access an information. So I could give the users only that
information they are authorized for.
May be there is a stored procedure or a template ?
Or is there an other way for controlled checking whether I have the rights
or not ?
Ive been reading over the documentation and some stuff online, but I still dont really understand what the difference is and when you would use one vs the other. Can someone put it in simple terms for this dummy (me) ?
In sql server 2000, I created some custom database roles called ProjectLeader and Developer. I would make these roles a member in the fixed database roles so that I would only have to add the user to the ProjectLeader or Developer role once and they would presto-magico have the security I wanted them to have with no unecessary mouse clicking. I'm not sure how to repeat this process in 2005? Management Studio doesn't seem to allow you to add a role as a member in another role. Is there a work around or solution for this?
Hi all, I am trying to connect to the database using application role. But gives an error An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified) for the given connection string Dim connstring As String = "Data Source=Northwind;Initial Catalog=OrderProcessing;Persist Security Info=True;UserID=application_login;Password=wewewe;"
I have SQL server 2005 (Developer edition) installed and I want to add a database role to a database role. It is working on my SQL 2000 server,however, when I tried to do the same thing on SQL2005, It didn't allowed me.
When I go to the Add role and then adding members to the role, the browse screen does not allow me the choice of object type Roles. It only shows me "Users".
Can someone please help me with this and provide me some information of how / what should I set to get the Roles in object types list so I can add a role to a role.
When I assign a role to a user, the user is not actually getting the permissions defined in the role. I am forced to give the permissions directly to the user..any idea why it's ignoring the role which is assigned?
Hello: I have read that giving a User the DB_DDLAdmin role in SQL might causes problems with ownership chains in the future. Since the User will have ownership to all objects created, what preventive measures can one take to help avoid any problems which might loom in the distant future due to ownership chains? Thank you, -H
I am new at this and we encountered a problem. Can names in the public role be deleted? We have some names that need to go - however the delete option does not high light?
Hi Everybody, Experts........ i am using Sql server7.0 I want to Delete existing Role How Can I Delete it. Anybody can please Tell me Immediately... I tryied Sp_DropRole But it display's message successfully completed but role of that name is still there...
Thanx a Lot in Advance.....(after solving this problem) (Mohanlal)
Hi everybody, The below I posted on SQL 2000 Forum about a week ago. Any new thoughts................ I would like to get an input from as many people as possible on the following: In our organization DBA is responsible for 5 servers ( currently NT 4/SQL 7)and is a part of group of a 5 people including manager and 3 developers. DBA currently has a FULL access to every server. In a few months we will be replacing the existing system with Windows 2000/SQL 2000. LAN group will give to DBA only a read rights for the Windows 2000 environment, saying that the AUDITORS, both internal and external, require that. In other words, if DBA needs to run a command prompt, move files from one directory to another in Production environment, he has to fill the request to LAN, so LAN group would do that. So I guess the main question(s) is: What is the degree of involmment of DBA with Operating system? Is DBA suppose to be an NT administrator ( I dont think so, since DBA has a lot of other thing to do? If DBA accidently makes an unwanted changes to the Operating System, who should be blamed for ( not personally, but in more general terms) and would it be an extra argument to take write rights away from a DBA? What auditors saying about that? Thanks a lot in advance, Andrei
The end users are using VB Applications, there they will be entering datas. Those datas will be stored in the SMS Database.
My Problem is through which Roles (Fixed Server Roles or Database Roles) I should attach these end users. If it is a Fixed Server Roles, Other than sysadmin role in which role I should attach this end user. Like that other than DB_Owner in which role I should attach these end users to the Database Roles.
Hi everybody, I would like to get an input from as many people as possible on the following: In our organization DBA is responsible for 5 servers ( currently NT 4/SQL 7)and is a part of group of a 5 people including manager and 3 developers. DBA currently has a FULL access to every server. In a few months we will be replacing the existing system with Windows 2000/SQL 2000. LAN group will give to DBA only a read rights for the Windows 2000 environment, saying that the AUDITORS, both internal and external, require that. In other words, if DBA needs to run a command prompt, move files from one directory to another in Production environment, he has to fill the request to LAN, so LAN group would do that. So I guess the main question(s) is: What is the degree of involmment of DBA with Operating system? Is DBA suppose to be an NT administrator ( I dont think so, since DBA has a lot of other thing to do? If DBA accidently makes an unwanted changes to the Operating System, who should be blamed for ( not personally, but in more general terms) and would it be an extra argument to take write rights away from a DBA? What auditors saying about that? Thanks a lot in advance, Andrei
I'm trying to allow my developers the ability to modify/execute their jobs and dts packages in production....without giving away the security farm so to speak.
Is the processadmin role a possibility?
BOL and the net only seems to say this role allows user to "manage process"...duh.
Your thoughts and advice would be great appreciated.
Hi I'm new to SQL Server. I have created a databased named Sample and I hae created the user with login named "Sman". SMan owns some tables and sp's. I'm able to access the tables and SP's when I was logged in as Sman in Query analyser. I have given a Sysadmin privilege to Sman then I'm not able to access the tables and sp's when i try to login with Sman.
ie, Select * From tabl1 is not working But Select * From Sman.tabl1 is working. I dont know Why is it so? Can any one help me!
Do we have provision of separating sa and sso role in SQL server as we have in sybase? ( In such a case, sa shouldn't have any control on creating/modifying users/logins)
I am a promotional DBA and need help with some code a developer wrote that errors out. He is trying to create a role and to my knowledge there is nothing wrong with the syntax but it gives an incorrect syntax error.
CREATE ROLE 'PPS' IDENTIFIED BY 'stressboy';
error: Server: Msg 170, Level 15, State 1, Line 1 Line 1: Incorrect syntax near 'ROLE'.
we tried it with ' ' & "" and without either. I'm sure this is an easy one for you all. Thanks.
I am developing the security in a sql database, and i am doing so in a hierarchical way. In the white paper Row and cell security it says that we must add the child role as a menber of the parent role, but when you are in the role section you can not add roles as menbers of another role, so what i did was give the parent role ownership over the child role, it seemed logical.
So i build a admin | boss | worker | subworker
Nested Role
Now after giving users to those roles i was good to go and try my hierarchy security, i used the view that is in the white paper cell and row security which the code is the following:
SELECT ID, Label FROM dbo.tblUniqueLabel WITH (NOLOCK) WHERE (ID IN (SELECT dbo.tblUniqueLabel.ID FROM dbo.tblUniqueLabelMarking WITH (NOLOCK) WHERE (CategoryID = 1) AND (IS_MEMBER(MarkingRoleName) = 1)))
But when i runned this view dont matter which users in which role ist always giving me an output of every single line in the table, the problem seem that he is giving me out the IS_MEMBER(MarkingRoleName) = 1 always as true like the user was in every single role.
I have a report based on a cube with some parameters. So far, everything works fine, but there is one thing I want to improve for user-friendliness. I have a parameter linked to country selection and the roles are also based on countries.
My issue is that even if a user can only access the data of one country, in the drop-down list of the parameters, all the countries are available (even if no data is linked to these countries).
I'm wondering if there is a way to "filter" the parameters selection, to display only the countries useful for a specific user.
Hi, Is there a way to script out a database role from SQL management studio? I can only get a script for create or drop. I am looking for a script that shows all object permissions that the role has in a database.
since I am kind o'new with SQL, I preffer get an advice fro you pro's: I created an application which performs access to a database on an SQL server. the application will be used by a few different users, each on a different computer. the application calls stored procedures, updatesinserts records in tables on the SQL and delete rows. what would be the best role to define the users activity ? How do I limit their activity ONLY to the specified actions ?
Our DBA has given me access to MSDB on the SSIS service on one of our servers as db_dtsadmin. When I try to connect to the server using Integration Services in the connect drop down menu, I get the following generic error msg: connect to SSIS service on server 'xxxx' failed: access is denied.
I'm told this role should be sufficient to give me access. Do I need other server access roles to use in conjunction with db_dtsadmin or are we missing something really easy here.
I have a database with 500+ tables and 1000+ views and equal no of stored procedures. I have a sql server login id which I have included in the following roles:
db_datareader db_datawriter
now the issues is.. i want to revoke delete permission from certain tables. Any revoke or deny do not affect the behaviour i.e. even after successfully executing revoke/deny statements on these tables for DELETE statement.. user is able to DELETE.
pl advise the best way to revoke delete permission from a few (half dozen) tables out of the total.
I have one other question. How do you define roles? What role(s) are required to fully administer SQL Server? What role(s) are required to fully administer a single database in SQL Server?
I am getting this error message when disabling a job. The user is not a SA.
TITLE: Microsoft.SqlServer.Smo ------------------------------ Alter failed for Job 'XYZ'.
------------------------------ ADDITIONAL INFORMATION: An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)
Hi, I am using Sqlserver2000 and .net2.0.when i try to Register in Loacal its works fine. But in remote This error occur"The role 'Posters' was not found.The remote Database is sqlserver2005. Thanks,Magesh.