Restricting User Aaccess
Nov 14, 2007
I want to give user
read access : to all tables in a database
write access: to tables only created by that user in a database
please help
Many thanks
I want to give user
read access : to all tables in a database
write access: to tables only created by that user in a database
please help
Many thanks
I want to provide access to one of my users to a database on the production server. I do not want this user to be able to view anything other than the tables in that database, or the other databases on my production server.
I gave him access to one DB - TestDB- and made him data_reader on that DB. I had set that as his default database. However, when he logs in using SSMS he can see from Object Explorer a listing of all the databases on that server, although he can't access any of those. This is an external user and I don't want him to see any of that stuff, including other objects (SPs, Views, etc.,) even within TestDB.
To summarize, I want to grant access to a windows user to see/select from ONLY tables in TestDB of my production server, and I do not want him to be able to see any objects other than tables of this DB from SSMS.
Hi,
How would I set permission for SQL Server 2005 "User A" to prevent access to System and other user databases, also How to hide the databases that "User A" has no rights to. I mean, when User A logs in, All other user databases are not visible to him/her.
Thanks,
First some explaination then the question. I have some users that legally or otherwise have gotten copies of SQL 2000 and installed it on thier local PC's. They are now using Enterprise Manager to connect to my database servers via IP and server name. They are using thier regular user id and passwords that they would use to log into the HR and Finance applications. For obvious reasons this is not a good thing. Now the question, can I some how restrict connections via EM to just thoses with an sa role? Or am I doing something else wrong or missed some hidden configuration.
Thanks in advance!
T.C.
Hello -
How can I restrict all databases on my system to 25 MB.
Can anyone provide me any script.
Regards,
Rubal
I have one log files which is almost filling up the disk so i added another files to different disk which has space of 150GB.
So can i restrict the first log files so that it won't get filled up. Will the log go to next files.
Hi
I have a table strcutre as follows.This is like a many to many relationship between category and Article. Now i need to pick 3 recrord from each category which has a relavancy 1 sorted by Article date Desc. ie.. from the recent articles..
I can fire 4 diff queries and restrict it using top keyword..
Can i do this in a Single query or in a better way..can anyone help me plz......
Rgds
jinu
Category
---------
catID - PK
CatName
Article
-------
ArticleID - PK
Name
Date
Category_Article
----------------
ArticleID - Composite Key(ArticleID,CatId)
CatID
Relavancy
I have a table with UpdateDate field and I want this field to be populated when a new record is inserted or an existing record is updated using the getdate().
But I dont want the users who insert or update records in this table to have control over this field. Meaning the users should not be able to populate or update this field.
At the same time when the user inserts or updates a record this field should be populated automatically.
Can this be done. Please let me know.
Thanks
Raj
I have a large table with approx 250000 rows in sql 2000. I need toreturn this from an asp page but the query to return this amount ofdata causes the asp to time out before the query completes.Is there any way in ado (or another way useable from asp / vb) that Ican run the query and then fetch a number of rows at a time? I can thene.g. pass the first batch of rows back to the client and then call forthe second batch.Any thoughts appreciated.
View 1 Replies View RelatedHi
I wish to setup a database that can be viewed only by a few users. How do I stop other users and the general public from seeing the database and its structures.
Cheers
Al
Hi all,
I have a user who I only want to provide access to a single folder within
RS2005. I don't seem to be able todo this, they can either see everything or
nothing at all.
What am I missing? Any help much appreciated.
Kind regards
Tarun
I want to restrict the number of records coming from an OLEDB source. I have 500 records in my source table and I want to process one record at a time
I have I set the MaxBufferRows parameter to 1and it l sends 8 records from OLEDB source
Any help is appreciated.
Hello
Is it possible to restrict the export of the header when exporting the report from the browser or at least restrict the export of the image.
Thanks
Inder
Hi,
How the SQL enterprise manager registration using winodws NT authentication can be restricted on workstation.
Thanks
John Jayaseelan
Hi all
Certain people in our company want to use Crystal Reports for data-processing. Problem is we want them to NOT be able to access data in databases within the live server.
Given that we use trusted connection to validate all kind of data-access, I am wondering if there is a way so that (via NT administration or via some SQL Server security features)
the live-server can refuse any connection request from the Crystal Reports application. At the moment the same group of people are allowed access to database (and should remain to be so) on this "live" server via some other applications (e.g. Microsoft Access).
Any advice is welcomed.
Simon
I have users logging into a sql database using sql accounts. I've created below a simplified example of three tables in my 100+ table database. I have a sql table that holds extra information about the sql users and two data tables. I would like to restrict which records the user has access to in the manufacturer and automobile tables. I know I can add the UserID column to these two tables, and then add the appropriate userID into the UserID column of the manufacturer and automobile tables. Hence records in the automobile table with userid X will not be seen by userid Y. My question is, how can I possibly avoid modifying 1000+ sql queries to reference the UserID column? It would save me a lot of time if I can filter the results a user gets based on thier sql login/userid.
+--------------------------+
+ USERS TABLE
+
+ USERID int
+ Name varchar
+ Telephone varchar
+
+--------------------------+
+--------------------------+
+ MANUFACTURER TABLE
+
+ MANID int
+ Name varchar
+
+--------------------------+
+--------------------------+
+ AUTOMOBILE TABLE
+
+ AUTOID int
+ Name varchar
+
+--------------------------+
I'm going through the SQLSecurity Checklist I found at sqlsecurity.com. One of the points it says to "Restrict to sysadmins-only access to stored procedures and extended stored procedures that you believe could pose a threat." It also lists a bunch of stored procs and extended stored procs that you should consider restricting to sysadmins only. I was wondering if someone could give me some pointers on how to do this? I would like to write a script that I could run on every sql server 2000 install that would do this. How could I ensure that every user does not have access except the sysadmins?
Thanks,
Chris
Would like to restrict the dates users can put as parameters. For example, I have a report showing all orders in year 2007. I have exposed Start Date and End Date parameters. When users click the 'View Report' button, the report will filter for orders where attribute EnteredDate is >= Start Date and <= End Date.
I want to restrict the users from entering a start date greater than today's date. Would also like to restrict them from entering an end date that is less than the start date parameter. How can I do this?
TIA.
ElSalsero
Hi
We are developing some applications for Sunit computers (In-vehicle computers) which have limited memory . Because the applications display maps, the will consume alot of memory. Because of this, we want to restrict the amount of memory and other resources SQL Server Express uses to a minimum. I've tried setting 'max server memory', which doesn't help too much as this is only a limit on the SQL engine and not the sqlserver.exe process. What other settings and restrictions can I apply to limit memory consumption by the process?
We have considered using SQL Server Everywhere, but as it doesn't support ODBC (will there be any ODBC support?), we are not too happy about using it. As of now, we have no experience with OLE DB, and the application is MFC 6.0 so we can't take advantage of ADO.NET
Best regards
Bjørnar Sundsbø
Hello everyone,
I have a design problem which I am hoping somebody can shed some light on.
I am running SQL Server 2000 using SQL authenticaiton (due to be changed to Windows authentication in the next 6 months). I have a table in my database which we shall call monthly. I want to restrict the ability to insert to the monthly table to 2 stored procedures (proc_abc & proc_xy) which I have written which do various other validation checks before it inserts the data into monthly.
Users with the Foo function assigned are able to execute proc_abc & proc_xy
I have written a VB application which can be used by users who are not familiar with SQL to be able to execute these stored procedures. (Must have Foo function in order to login to this application).
I want to restrict the ability to execute the stored procedures to users using the VB application only, and thus not be able to execute the stored procedure using Query Analyzer or such like for any Foo user.
Is there anyway I can do this?
One suggestion put to me is two split the functions. Have one function lets call it Top which can access the VB application and then have another function called Bottom which is able to execute the stored procedures. Only the VB app would have access to the Bottom credentials. But is this secure? Would I just hard code the credentials for the Bottom function user within the VB app? This doesn's seem a secure way of doing things to me.
Thanks for the help!
hi all,
Is there any way to restrict the user from selecting the parameters. For example: I have a list of 100 values in a multi-value parameter. I want to to restrict the user to select at the most N number of values.
If possible, process only the N number of values will also do.
Thnx in advance...
Hi
I'm building a data warehouse - my end users connect using Access via ODBC Microsoft SQL Server driver (2000.85.1117.00).
However, whenever they connect using Access via ODBC they get a huge list of sys and INFORMATION_SCHEMA views, in addition to the data warehouse tables they need to access.
How can I remove these sys and INFORMATION_SCHEMA views from the list of tables/views presented to the end user?
I've tried denying access by changing permissions to deny in the public role of the master database - I have also changed permissions in the public role in the data warehouse database. When I do this, the ODBC connection fails to retrieve any objects because it doesn't have access to sys.databases (and various other unspecified objects).
I'm stuck - help!
dear friend,
i run a sql command like this
select * from table_name
what i want is that if no. of records found are greater then 500 than it should stop the query and only show those 500 records dont go further and stop the process
waiting for reply
ashish bhatnagar
This is a slight re-stating from an older thread, which I think warrants some new discussion. The answer has always been that system administrators should have full access to everything on a system, including databases.
Although that is a logical position for internal IT departments it doesn't quite fit the model of systems with outsourced or external system support.
"If you don't trust your DBA, then you need a new DBA. They are in a position of authority for a reason and restricting that authority makes it impossible for them to do the job they are hired to do."
What about scenarios where you have local machine administrators that should NOT be given access to private data in a secured database, even though they need to be able to access and maintain everything else? And unfortunately some regulations are written about access to stored data whether encrypted or not...
In the modern world of Sarbanes-Oxley and PCI-DSS/CISP it is no longer so cut and dried. Especially where companies have software/hardware support contracts with third parties that require administrative access to other aspects of the systems.
So accepting that you might need someone to have administrative level access to the box but they should not be able to view the contents of a database installed on that box, what would you do?
Is there a way to create an adminstrative group that does not allow access to a specific named instance of SQL?
Is there a way to revoke access for one member of the administrators group only?
Thanks,
Ted
we have an application which lets users connect to production database with windows credentials, They are able access the sql tables too with windows login. I want to restrict them from accessing the sql tables. How do I do that.?I tried a db_deny but that prevented them from accessing the application too.
View 10 Replies View RelatedThis is my first time to deploy an asp.net2 web site. Everything is working fine on my local computer but when i published the web site on a remote computer i get the error "Failed to generate a user instance of SQL Server due to failure in retrieving the user's local application data path. Please make sure the user has a local user profile on the computer. The connection will be closed" (only in pages that try to access the database)
Help pleaseee
As a part of our infosec lockdown activity, we are giving a shared ID to all DBAs and would mandate them them to use that ID only. We have a tool from where they will do this activity.The situation what I am getting in with this is, what if they add give their own Active directory ID Sysadmin privileges or create a instance level Sysadmin to bypass our process.
View 9 Replies View Related
Hi,
Please give the T-SQL script for this ? Thanks
Shanth
When I am in Visual Studio 2005, and I try to add an SQL database, I get the following error "generating user instances in sql server is disabled. use sp_configure user instances enabled to generate user instances." I am currently using SQL server 2005 Express. What do I need to do, to create an SQL database? Thanks in advance.
View 4 Replies View Related
i'm using the Enterpirse library logger to write logs into a database.
When choosing connection string i choose the database i want in the "connection properties" dialog box and
push 'Test connection' button.
everything goes well.
then i open the SQL Server Management studio express and connect to the databse to check some things,
from that point on , when i push the 'Test Connection' button in the Enterprise library i get the error:
"cannot open user default database. Login failed. login failed for user My'server/MyuserName'"
even when i close the sql server manager , it is still stuck - the connection test doesn't work anymore....
it only work when i restart the computer.
why ?
Cannot open user default database. Login failed.Login failed for user
'NT AUTHORITYNETWORK SERVICE'. Description:
An unhandled exception occurred during the execution of the current web
request. Please review the stack trace for more information about the error and
where it originated in the code. Exception Details:
System.Data.SqlClient.SqlException: Cannot open user default database. Login
failed.Login failed for user 'NT AUTHORITYNETWORK SERVICE'. I have This Error When i try to log into My online web site, i have no idea how to fix it,one day it was working and the next it wasnt, is there any way to find out what database the default is and if it's either incorrect or not present change the web.config in a way that will make my system work. i have the NT Authority/Network Service in my Server Properties Permissions, its given the type login and is granted Connect SQL by sa i have 3 colder copies of the web site on my server my question is, how would i use of of these to restore the original site configuration is there a way to restore the original configuration to undo whatever it is i've done to break the system ChrisStressed
I would like to know if there is a way to find out who changed a users roles/access WITHOUT using the audit function. For example, if a user account was created and given SA access then changed to read only, how can I find out who made that change? I tried searching for an answer, but kept getting no results. I'm thinking this may tie into the sys.sysusers view?
View 3 Replies View Related Hi,
I have several reports for users to view on our Intranet. After installation of SQL 2005 SP2 patch, I cannot delete user or user's authority from Report in Properties Tab. An error message was shown on the status bar. It indicated that JavaScript Error: 'Return' statement outside of function. Seems something wrong with the 'Delete' funciton in SQL 2005 after update. The other functions worked fine. Could you point me out how to fix it or need to install any updates / hotfix. Thanks a lot!
Regards,
Kenneth Lai
Programmer
Error Pic
Message Box