Db_owner VS Db_ddladmin Roles

Jul 10, 2007

We have several departamental "database administrators" that needs access to their databases "only" and cannot perform maintenance tasks administrative tasks such as backup and create new server login. We basically function as a "database hosting services" to these departamental dbsa. I granted rights to these departamental dbas to their database and I assigned the db_ddladmin role to them. They can create the objects within their database but they cannot read the records because when the table was created it belongs to the dbo schema - I don't want to assign them to the db_owner role, this role is much more permission that they need.

My question is: What is the best way to give these departamental dbas rights to manage their databases without having too much permission to maintain the database permission and settings?

View 5 Replies


ADVERTISEMENT

Roles, Permissions, Db_owner

May 1, 2002

Whats the difference between db_owner and public role...
I want to create a role and add user to it..that user will have all the permissions on all the tables (our tables), all permissions on all stored procedures, triggers, views...that user is owner of all objects....right now we have to manually grant these permissions to each user, and I was think if I create a role I don't have to what happens with stored procedures and jobs ??

Can some one help me the script to do this... am reading lots of articles about these but none have clear instructions...
How do you create
db_datareader, db_datawriter roles ??
I cannot use EM as I have to send this script with our application..
Thanks
Sonali

View 2 Replies View Related

DB_DDLAdmin Role In SQL

Oct 28, 2007

Hello:
I have read that giving a User the DB_DDLAdmin role in SQL might causes problems with ownership chains in the future.  Since the User will have ownership to all objects created, what preventive measures can one take to help avoid any problems which might loom in the distant future due to ownership chains?
Thank you,
-H

View 1 Replies View Related

Schemas, Users, Logins, Database Roles, Application Roles

Mar 5, 2006

Hello,

I am new user of SQL Server. I have some problems with these words. I want to make my database works in my specified permissions. I will specify permissions with schemas and these schema wants an owner. I want this owner should be my user. When creating a user it needs a valid login. I am selecting my login and it occurs and error says this login has an different user. I am specifying permissions with roles. But i can't make association all of them. I hope i told my problem to you as well. If you explain these words to me and tell me how can i do my database's works with my own schemas, users and roles i'll be grateful. Thanks for advices.

Happy coding...

View 4 Replies View Related

Add User/Set Roles In Code And Read Roles

Jan 28, 2004

Can you write a stored procedure to add a user to your DB and set the roles the user belongs to?

I want to write a stored proc. to add users and set roles so it can be used in code instead of doing it manually.

After the user has been added and their roles set, can you write another stored proc. to give you what roles they belong to?

View 3 Replies View Related

SQL Server Roles && ASP.NET 2.0 Forms Authentication Roles

Jun 16, 2006

Apologies if my post does not fit into this forum. I initially tried the SQL Server Data Access forum but I now think my question is more security related.

Is it possible for a web user who has been successfully authenticated with forms authentication to be authorised to use a SQL Server 2000 role depending on a particular ASP.NET 2.0 role that they have been authorised to use? I understand that that I can assign a SQL Server 2000 role to the ASPNET or NETWORK SERVICE account but this will grant access to anonymous web users to the database role. I can ensure that I only call stored procedures which access sensitive data in web pages that are in restricted by ASP.NET roles. However, it would be nice to also restrict stored procedures via the ASP.NET 2.0 Forms Authentication roles.

If this is not possible have you got any bright ideas how I could restrict access to stored procedures who are anonymous web users.

Many thanks,

Mark

View 1 Replies View Related

SQL Server Roles, Windows Groups && ASP.NET Allow Roles

May 6, 2007

I'm developing an ASP.NET2.0 application which accesses a SQL Server 2005 Express database. I plan to use integrated security for access to the database.

I'm confused about the relationships between Windows groups, the ASP.NET web.config file <allow roles=.../> and SQL Server roles.

I would like to create a Windows group to which I can assign multiple users and grant that group access to a Web Site using windows authentication and also grant that windows group access to the database my web application uses.

I have gotten the combination of Windows Authentication to the web site and to the database to work for a specific windows user but I am having trouble determining the combination of database security entities I must create to allow access to my database by members of the windows group.

For a Windows user:

1. Create Windows user

In SQL Express

2. CREATE LOGIN FROM WINDOWS WITH DEFAULT_DATABASE =

3. CREATE USER FOR LOGIN

4. CREATE ROLE

5. EXEC sp_addrolemember <role-name> <user-name>



For a Windows group, what would be the equivalent commands necessary to grant a windows group access to my database? Specifying the Windows Group name in sp_addrolemember does not appear to be sufficient even though the documentation states that a windows group name is a valid value for the member name argument.






View 3 Replies View Related

Fixed Database Roles Vs Application Roles

Aug 24, 2006

After reading Books Online, I am still confused with Database Role vs Application role.

My intention is to control the end users' authority on the database, where the end users will access through Winforms client application. With proper assignment of schema and database roles to an user, I believe this will enough to control the permisison of an user.

If this is the case, why Application role exists? When and why should I use Application Role? How is it different from Fixed Database Role?

View 14 Replies View Related

Oracle Predefined Roles Vs Ms Sql Roles

May 3, 2005

Hi! Can anyone say which ms sql server predefined roles are similar to the following oracle predefined roles: dba, connect, resource. I already know that sysadmin in MS SQL Server is the same as DBA in Oracle but what about the rest?
Thanks a lot.

View 4 Replies View Related

How To Decide On Server Roles And DB Roles

Mar 2, 2006

I am in the process of locking down the SQL Server in an environment that is considered to be in production (pilot stages) and there is no staging or test environment that mirrors it. I need assistance in determining the server and database roles to assign to existing logins, most of which currently have sa and dbowner rights. Because it is not a development environment, I need to be sure that downgrading the server and/or database level permissions will not break any functionality.

I'm starting with the logins that have the SA fixed server role. These logins need to be able to install applications that require the use of a backend database, which will be stored on SQL Server. In addition, through the installation process a new login/password for the newly created database(s) is normally created. For the existing logins with the SA fixed server role, will downgrading to the securityadmin and dbcreator roles be sufficient to facilitate those needs, or are those too much/ too little? And should any user account ever be granted the SA role? If so, what questions could I ask to determine this need?

Since these install process for these applications usually prompt to install using SA or local system account to authenticate to SQL to create the new database(s), that account should have securityadmin and dbcreator roles to create the database and its tables, as well as add a new login to that database.

Please address this question, keeping in mind that the logins will only be performing the described actions, installing apps using SQL Server as the backend database and adding a login to that database (which may or may not be done during the installation process).

Thank you,
nu_dba

View 1 Replies View Related

Db Roles / Server Roles

Apr 15, 2007

Hi,

I'm looking for some guidance/help regarding setting up a sa - lite account in SQL 2005. I need to give another admin rights to create/monitor maintenance plans, backup and restore databases, monitor performance/logins, but NOT be able to have any rights on several tables (and of course not being able to set user permissions).

I've tried using server and db roles but haven't been able to determine how to give someone w/o full sa rights access to maintenance plans.

If you can think of soemthing, please let m eknow.

Jenn

View 4 Replies View Related

Assigning Roles To Roles

Mar 10, 2004

I have MS SQL Server 2000 DB.
I have created a User and created some tables for the same.
I created a Role named A and granted Select Permissions for few tables to that roles.

When I created another Role named B and added this role (A) to B, the permissions are not being xferred to B. Bcos of which, if i assign an User to Role B, he is not able to select the tables for which permissions have been given thru role A.

Note : If i give assign directly the user to Role A, it is working. But i want to assign User to role A only thru B.

View 1 Replies View Related

Db_owner?

Jan 31, 2008

when i try to create an ER diagram in VB Web Server Express it tells me that You do not have the required permissions..
What's up?

View 2 Replies View Related

Db_owner

Sep 6, 2005

I have a stored procedure that I believe is not executing as the specific db in question has no owner(shows as "unknown"). What is the solution?

View 1 Replies View Related

More Than 1 Db_owner

Feb 20, 2008

Hi,

I have a database which contains 5 db_owner. If I need to remove two of them (they have left the company and are not being replaced) so db_changedowner is out of the question.

What is the proper way to do this?

Do I need to transfer their ownerships to one of the existing db_owner?

View 1 Replies View Related

Db_owner Problem

Sep 10, 2006

I recently registered  my  hosted  database  server  on my  pc. When I ran aspnet_regsql.exe the table created have dbo as schema, but when I create a news table throught stored procedure it has my username as schema.When I buildt my site on my pc all tables have dbo as schema.How do I make all tables on my hosted server db have same schema?Thanks The very Newbie 

View 6 Replies View Related

Db_owner Role

Mar 2, 2007

Hi All,

Question:

Why would the user other than sa need the db_owner rights?

View 3 Replies View Related

DB_Owner Is Leaving

Feb 20, 2008

Hi,

I have a database which has two db_owner (dbo and a user).

The user has left the organization a while ago.

Can I remove him or do I need to replace him?

What will happen if I remove him?

Do I need to keep dbo there also?

View 8 Replies View Related

Db_owner To All Tables

Jul 23, 2005

is there a command that can change a login role to db_owner in all thetables, or do i have to use{USE table_nameEXEC sp_adduser 'login name'EXEC sp_addrolemember 'db_owner', 'login name'}for each of the tables ?thanks

View 1 Replies View Related

Db_owner Rights

Jul 23, 2005

If I on a remote hosting server have db_owner rights, do I then also havedb_securityadmin and db_dlladmin rights?BRGS, TCHillII

View 1 Replies View Related

Adding Dbo To Db_owner

Aug 16, 2006

Im duplicating a database by running the script below. This works fine. My only problem is that the dbo user does not by default have any role memberships in the new database hence no access. I have tried using sp_addrolemember but dbo is not a valid user for this procedure. Adding dbo to the db_owner role through the sql2005 MS works fine, but I would very much like to script this. Any suggestions?

--copy databaseuse master;alter database polaris_regular set single_user with rollback immediate;DROP DATABASE polaris_regular;backup database polaris to disk = 'c: mppolarisbak.bak' with INIT,format;restore filelistonly from disk = 'c: mppolarisbak.bak';restore database polaris_regular from disk = 'c: mppolarisbak.bak'with move 'polaris' to 'C:Datapolaris_regular.mdf',move 'polarisLog' to 'C:Datapolaris_regularLog.mdf';

View 4 Replies View Related

Db_owner Role

Aug 15, 2006


I am getting this error message when disabling a job. The user is not a SA.



TITLE: Microsoft.SqlServer.Smo
------------------------------
Alter failed for Job 'XYZ'.

------------------------------
ADDITIONAL INFORMATION:
An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)

------------------------------

EXECUTE permission denied on object 'sp_help_operator', database 'msdb', owner 'dbo'. (Microsoft SQL Server, Error: 229)

The user can diasble the job if i give db_owner permission on msdb.

Is there a way i can do this without making the user db_owner?

Thanks for any help

View 6 Replies View Related

Fixed Db_owner Role

Nov 1, 1999

I have a server that was upgrade to 7 several months ago. The cmptlevel was set to 7 once upgraded. I have a developer group as dbo_owner role on a database and now on certain tables (not all) they can add fields and save. But then go back in and remove the field then try to save they get the error message "- Unable to modify table. ODBC error:[Microsoft][ODBC SQL Server Driver][SQL Server]SETUSER permission denied, database 'XXX',owner 'dbo'."

View 1 Replies View Related

No Dbo For A Database - But There Are Db_owner Users

Aug 27, 2006

I have a number of user databases who have lost their owner. That is, displaying properties for the database says the owner is unknown.

I assume that any user for such a database that's assigned to the db_owner role can admin everything in this database? Which means that the lack of a dbo doesn't cause any other problem than making it impossible to run a sp_helpdb for the database, or...?

Of course I'd like to make someone the owner, but it seems difficult to make an already existing database user the owner, without dropping the user and re-creating it.

View 3 Replies View Related

Stored Procs And Db_owner

Oct 31, 2005

I have some users that I need to run stored procedures, but they can'tseem to run them unless they are in the db_owner role of the database.How do I give them access to run the stored procs without giving themthe complete rights of the db_owner role?Thanks in advance.

View 1 Replies View Related

Problem With DB_OWNER Role..

Aug 21, 2007

Hi All,I am facing a problem while executing a statement through C++ codeusing OLEDB API of Sql server.There is a problem with DB_OWNER role. If I will enable the DB_OWNEReverything is going fine but if I will remove this role than I amgetting error "DB_E_ERRORSINCOMMAND".But if I will execute the same in query analyser it is goingabsolutely fine in either case.I am not able to understand why I am getting error while using API.Please help me......thanks in advance

View 7 Replies View Related

Model Database Without Db_owner

Dec 5, 2007



I am receiving this message in my MOM Server:
The system stored procedure sp_helpdb, which is used to gather information about the databases, has returned an error that may indicate that it cannot determine the db owner for the database [model]. Here are the details: sp_helpdb @dbname='model' on SQL Server Instance: INSTANCENAME. Error number: 515, Error Information: [Microsoft][ODBC SQL Server Driver][SQL Server]Cannot insert the value NULL into column '', table ''; column does not allow nulls. INSERT fails.

So, I run this script in the Master DB:
select name, suser_sname(sid) from master.dbo.sysdatabases where suser_sname(sid) is NULL

And I get the result that the db_owner is set to NULL!

I know that it is not possible to change the DB Owner of the model database but is there any workaround to solve this without reinstalling or similar solutions?

View 13 Replies View Related

Error While Change Db_owner

Jan 2, 2008



hi,

how can i change the database owner field in sp_helpdb. becoz each &every database owner is having different names.
so i want to change to administrator.

when i try to change the through exec sp_changedbowner 'administrator'
it raises error :



Msg 15110, Level 16, State 1, Line 1

The proposed new database owner is already a user or aliased in the database.

can any one help on this one.
regards,
manoj

View 1 Replies View Related

Run SP From Remote Computer Needs Db_owner Privileges ?

Oct 13, 2006

Hi All,

I created SP and enabled db_datareader and db_datawriter for roles for BUILTINUsers on database level.

I can call that SP from my application if I am accessing DB from my app running on the same machine. If I run app on other machine SP throw exception related to lack of permission.

I fixed that by enabling db_owner roles for BUILTINUsers. But it is not good fix from security point of view.

My question is: is there any other way to allow regular user to run that SP by not giving him db_owner privileges?

Also I have to mention that my SP procedure has some dynamic SQL code.

I would greatly appreciate any help,

Thanks,
Roman

View 1 Replies View Related

Urgent,find All Db_owner Login

Jan 29, 2007

Hi,

I need to find all userlogin have db_owner role in any database in the server.

thanks in advance





View 1 Replies View Related

Can't Create A View Despite Being Db_owner On The Database

Feb 11, 2008

I am getting the following error when trying to create a view in a database.

If I have db_owner rights so I should not have an issue? Any thoughts


TITLE: Microsoft SQL Server Management Studio
------------------------------

Property DefaultSchema is not available for Database '[GiftTraq]'. This property may not exist for this object, or may not be retrievable due to insufficient access rights. (SQLEditors)


View 3 Replies View Related

Can&#39;t Take Database Back On Line With Db_owner Userid

Aug 19, 2002

Hi,

I have granted db_owner to a user id. This userid was able to take a database offline, but when trying to bring the database up online, I got an error message 5011, user doens't have permission. Does anyone has any idea why? I read in books on line saying that db_owner fixed roles has permssion to set this database property. Thanks.

View 2 Replies View Related

Db_owner Role And Table Owner Issues

Feb 23, 2004

Hi,

I have given a user db_owner role in a database. When he creates a table using Enterprise manager the table owner is dbo. When he creates a table using Query Analyzer the table owner is the user. eg

Enterprise Manager = dbo.Table1

Query Analyer = username.Table1


This causes a problem when the user is writing web applications. Is this an error in the way i have set up permissions ? How can i make them behave the same way?

Thanks for your help.

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved