Re: Delegate Power of God to only 1 database - How?

From: Tony Su (tonysu@su-networking.com)
Date: 12/19/02 

From: "Tony Su" <tonysu@su-networking.com>
Date: Wed, 18 Dec 2002 17:02:33 -0800

Thanks, Wayne...

I knew the answer was somewhere close by. Removed all the
other role memberships except for public and dbo_owner and
it's working fine.

Guess I'll have to look more closely at the permissions
for the other roles, obviously at least one of them
negated the functionality I wanted for the User.

Couldn't have found the right answer without knowing there
was light at the end of the specific tunnel, thx.

Tony Su

>-----Original Message-----
>The dbo_role is what you want... It is a GROUP of users.
you may add as many
>database users to this role as you wish, and they will
ALL have the same
>rights.
>
>--
>Wayne Snyder MCDBA, SQL Server MVP
>Computer Education Services Corporation (CESC),
Charlotte, NC
>(Please respond only to the newsgroups.)
>
>I support the Professional Association for SQL Server
>(www.sqlpass.org)
>"Tony Su" <tonysu@su-networking.com> wrote in message
>news:016001c2a6c6$47c407c0$d4f82ecf@TK2MSFTNGXA11...
>> Hello Dan,
>> Thx for the response. Yes, I believe that since the
>> default Owner of all objects is "dbo" I'm sure it maps
to
>> the db_owner standard role.
>>
>> If the db_owner role can be mapped to only one User,
>> surely there should be a way to create a role with
similar
>> permissions to only that database which can be assigned
to
>> multiple Users?
>>
>> Am looking for at least a general roadmap from someone
so
>> I'm at least doing something which leads somewhere
instead
>> of trying different things without knowing there should
be
>> a desired result...
>>
>> I'm sure I'm not the first person who has ever wanted to
>> delegate Admin/Owner level permissions to Users for
<only>
>> a specific database without using Windows
authentication...
>>
>> TIA.
>>
>> Tony Su
>>
>>
>>
>>
>>
>> >-----Original Message-----
>> >Exactly what is this 'dBO' role you are referring to?
If
>> you mean to
>> >say the 'db_owner' fixed database role, then you should
>> not have this
>> >problem. In the case of a user-defined role
>> named 'dBO', then perhaps
>> >someone revoked the default public permissions from the
>> system tables.
>> >
>> >A SQL server database includes a built-in 'dbo' *user*.
>> The mapping for
>> >this user is determined by database ownership. You
can't
>> have more than
>> >one SQL login map to 'dbo' in a database.
>> >
>> >--
>> >Hope this helps.
>> >
>> >Dan Guzman
>> >SQL Server MVP
>> >
>> >-----------------------
>> >SQL FAQ links (courtesy Neil Pike):
>> >
>> >http://www.ntfaq.com/Articles/Index.cfm?
DepartmentID=800
>> >http://www.sqlserverfaq.com
>> >http://www.mssqlserver.com/faq
>> >-----------------------
>> >
>> >"Tony Su" <tonysu@su-networking.com> wrote in message
>> >news:022801c2a628$8995e540$d7f82ecf@TK2MSFTNGXA14...
>> >> Can't believe I'm not able to figure this out...
>> >>
>> >> Objective:
>> >> Create a SQL User account (not Windows) which has
full
>> dBO
>> >> rights over the single database. Deny access to
>> everything
>> >> else.
>> >>
>> >> Problem:
>> >> Have assigned the dBO role to the account, but the
>> account
>> >> still cannot access tables because it lacks the
>> >> permissions to execute a select statement
>> on "sysobjects"
>> >> and "sysindexes"
>> >>
>> >> Additional tries:
>> >> Tried assigning dBO permissions to the Master, Model,
>> >> MSDB, Pubs and Tempdb databases.
>> >> Have gone in and checked all the boxes
through "manage
>> >> permissions" for the account, after some complaining
the
>> >> boxes are all checked.
>> >>
>> >> TIA, I know I must be overlooking something stupid...
>> >>
>> >> Tony
>> >
>> >
>> >.
>> >
>
>
>.
>

Relevant Pages

  • ADP, Application Role, and objects
    ... The above link is to an atricle on how to implement SQL Server Application ... After you connect with your ADP, fire a bit of code to set the ... third party tools to view the data on the same database. ... Scenario 1 - If I explicitly grant permissions on that object to the user ...
    (microsoft.public.access.adp.sqlserver)
  • Problem is w/ .ADP..Re: SQL db Permissions for users not working
    ... You do not have SELECT permissions on the ... SysObjects system table in the database. ... figured out that qualifying the database owner (dbo in my ... >> I feel that the object owner is not dbo, ...
    (microsoft.public.sqlserver.security)
  • Re: How to prevent DELETEs in a table
    ... It is the dbo database USER, not server-level groups, that determins ... It has implicit permissions that can not be denied. ... SQL Server just skips any permission validation for sysadmins. ...
    (microsoft.public.sqlserver.server)
  • Re: Execute Persmission denied on object sp_OACreate
    ... > SQL Server is creating a job behind the scenes. ... > permissions. ... > SA account password and gaining access to the database. ... >>> How can get a user permissions to execute these stored procedures ...
    (microsoft.public.sqlserver.security)
  • Re: Newbie: I dont understand user permissions for table access
    ... > My database is remote to my workstation. ... > tables/fields WITHOUT specifying anything in the permissions dialogs? ... >> HOW are you connecting to SQL Server? ... what rights/permissions have been granted to the PUBLIC role? ...
    (microsoft.public.sqlserver.server)