Re: Add domain user?
From: Jeff Duncan (jduncan_at_gtefcu.org)
Date: 05/06/04
- Next message: Ken Widner: "SQL Jobs & Security"
- Previous message: js: "Re: Add domain user?"
- In reply to: js: "Re: Add domain user?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 6 May 2004 15:25:03 -0400
Go through it first with a fine tooth comb. Make sure the ID that is
running SQL has access by itself and not in a group. Make sure that the
proper Local Admins have direct access accounts and then remove it. Make
yourself a standard login first just for safe keeping if you are in mixed
mode. You should be fine.
-- Jeff Duncan MCDBA, MCSE+I "js" <js@someone@hotmail.com> wrote in message news:O86FNw5MEHA.3472@TK2MSFTNGP10.phx.gbl... > Thanks Jeff. > > How to assign denywrite to MYDN\Test have without by removing it from > local > administrator? > If I take out the db_owner from BUILTIN\Administrators will cause any > problem?? > > > > > "Jeff Duncan" <jduncan@gtefcu.org> wrote in message > news:eq5wXr5MEHA.3208@TK2MSFTNGP10.phx.gbl... >> SA will overrule. The user will be SA. >> >> -- >> Jeff Duncan >> MCDBA, MCSE+I >> "js" <js@someone@hotmail.com> wrote in message >> news:edWLIh5MEHA.1644@TK2MSFTNGP09.phx.gbl... >> > Thanks Jasper. >> > >> > Another question about this one: if a particular role of which the user > is >> > a >> > member has been denied a specific object permission (such as SELECT), > the >> > user is unable to exercise that permission. The most restrictive >> > permission >> > (DENY) takes precedence. >> > >> > What will happen in this case: MYDN\Test is belonging to local >> > administrator >> > group and System Admin Server Role. And I set "db_denydatawriter" to > this >> > user in Northwind database. Can this user exec the "Updte ." statement > in >> > Northwind's table? >> > >> > >> > >> > Please advice.... >> > >> > >> > >> > "Jasper Smith" <jasper_smith9@hotmail.com> wrote in message >> > news:OSzDVD5MEHA.2592@tk2msftngp13.phx.gbl... >> >> By default, a new AD user will have no access to a specific SQL Server >> >> unless they are added to a windows group that has access to SQL Server > or >> >> their domain account is explicitly added as a login. >> >> >> >> -- >> >> HTH >> >> >> >> Jasper Smith (SQL Server MVP) >> >> >> >> I support PASS - the definitive, global >> >> community for SQL Server professionals - >> >> http://www.sqlpass.org >> >> >> >> >> >> "js" <js@someone@hotmail.com> wrote in message >> >> news:uB%23HnU3MEHA.3712@TK2MSFTNGP10.phx.gbl... >> >> > Hi, >> >> > By default, when add a domain user in the Domain Controller, is it >> >> > this >> >> new >> >> > user can access the sql data? >> >> > public role only? Thanks... >> >> > >> >> > >> >> >> >> >> > >> > >> >> > >
- Next message: Ken Widner: "SQL Jobs & Security"
- Previous message: js: "Re: Add domain user?"
- In reply to: js: "Re: Add domain user?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
Loading
