Re: giving a user the ability to add logins and users to a database
From: Sue Hoegemeier (Sue_H_at_nomail.please)
Date: 04/27/04
- Next message: David Riddiford: "Re: Problem changing Service Accounts"
- Previous message: CPNZ: "RE: Connecting to SQL across Non-Trusted Domains"
- In reply to: Matt: "Re: giving a user the ability to add logins and users to a database"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 26 Apr 2004 16:56:13 -0600
Sorry...don't know what else to suggest. There are no
special server or database configurations, options needed to
allow a member of db_accessadmin to execute
sp_grantdbaccess.
-Sue
On Mon, 26 Apr 2004 06:09:57 -0700, "Matt"
<mattcioffi@crd.com> wrote:
>I rechecked everything and it does not work. Are there
>any server configurations or database options that need to
>be set? I will delete the new user and login and try one
>more time but I have tried everything and it still gets
>Server: Msg 15247, Level 16, State 1, Procedure
>sp_adduser, Line 35
>User does not have permission to perform this action.
>login has security administrator server role, the user in
>the database has accessadmin, securityadmin, and at
>various times other roles in the database like db_owner
>and it still will not allow this to work.
>
>
>
>>-----Original Message-----
>>It works. I'm not sure what you missed - double check the
>>databases where you wanted to grant the permissions for
>the
>>new user you created - make sure you were in the correct
>>database. Also double check the database where the new
>user
>>is trying to add users and make sure they are executing
>the
>>procedures in the correct database.
>>As an example, for SomeLogin to be able to add logins and
>>users you would use something like:
>>sp_addlogin 'SomeLogin', 'SomePassword'
>>or
>>sp_grantlogin 'SomeLogin'
>>
>>go
>>sp_addsrvrolemember 'SomeLogin', 'securityadmin'
>>go
>>use YourDatabase
>>go
>>sp_grantdbaccess 'SomeLogin'
>>go
>>sp_addrolemember 'db_accessadmin', 'SomeLogin'
>>go
>>
>>Then when SomeLogin logs into SQL Server, they can
>execute:
>>sp_addlogin 'NewUser', 'SomeOtherPassword'
>>or
>>sp_grantlogin 'NewUser'
>>
>>go
>>use YourDatabase
>>go
>>sp_grantdbaccess 'NewUser'
>>go
>>
>>-Sue
>>
>>On Thu, 22 Apr 2004 14:03:40 -0700,
>><anonymous@discussions.microsoft.com> wrote:
>>
>>>This does not work. I just created a user gave it
>>>security admin role on the server and then gave it both
>>>accessadmin and securityadmin. I get permission denied
>>>when I try to add the user.
>>>
>>>Please help.
>>>>-----Original Message-----
>>>>Members of the server role securityadmin can add logins,
>>>>grant access to Windows logins.
>>>>Members of the database roles db_owner and
>db_accessadmin
>>>>can grant access to the databases in which they are
>>>members
>>>>of that role.
>>>>
>>>>-Sue
>>>>
>>>>On Thu, 22 Apr 2004 13:01:35 -0700, "Matt."
>>>><mattcioffi@crd.com> wrote:
>>>>
>>>>>I need to give a user the ability to create logins and
>>>>>then add that login to a database. Is it possible to
>do
>>>>>this without granting System Administrator Role? I
>>>cannot
>>>>>seem to do this any other way then giving the user
>>>>>sysadmin. Any help would be greatly apperciated.
>>>>>
>>>>>Thanks.
>>>>
>>>>.
>>>>
>>
>>.
>>
- Next message: David Riddiford: "Re: Problem changing Service Accounts"
- Previous message: CPNZ: "RE: Connecting to SQL across Non-Trusted Domains"
- In reply to: Matt: "Re: giving a user the ability to add logins and users to a database"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
