Re: Read Only User - One Database
From: Sue Hoegemeier (Sue_H_at_nomail.please)
Date: 10/29/04
- Previous message: Dave: "Re: Read Only User - One Database"
- In reply to: Dave: "Re: Read Only User - One Database"
- Next in thread: Adrian Maull \(MCP\): "Re: Read Only User - One Database"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 28 Oct 2004 21:10:48 -0600
No....nothing about someone creating the guest account but I
don't know what databases the user is accessing. Which other
databases? System databases or user databases? Is the user a
member of other roles or groups that would give them access
to the other databases?
-Sue
On Thu, 28 Oct 2004 19:53:01 -0700, "Dave"
<Dave@discussions.microsoft.com> wrote:
>sue i can't see guest account except master database.. you meant somebody
>created it ?
>
>"Sue Hoegemeier" wrote:
>
>> Which other databases? Most likely those are databases with
>> the guest account enabled. If a user doesn't have an account
>> to log into the database and the guest account is enabled,
>> the user has access through the guest account and whatever
>> rights are granted to public and this account. The guest
>> account cannot be deleted from master or tempdb. It can be
>> added, delete from other databases.
>> When you added the user to the db_datareader role, you gave
>> that user permissions to select from all user tables.
>> Permissions are cumulative so the user obtains all
>> permissions through the combination of their individual
>> account and any groups, roles that they are members of. When
>> you also gave the individual account select permission on
>> views, the user ended up with those permissions as well as
>> select on all user tables.
>>
>> -Sue
>>
>> On Thu, 28 Oct 2004 17:39:38 -0400, "Adrian Maull \(MCP\)"
>> <no_spam@no_email.org> wrote:
>>
>> >How do I create a user, that has rights to only one database, and only
>> >select rights to some views?
>> >
>> >I created a login in Enterprise Manager; checked the database access only on
>> >the database the user needs to see; and checked the db_datareader role.
>> >However, logging in as this user I can see and select from other databases.
>> >
>> >Under the database I gave the user rights to, I checked only select rights
>> >on the views I want the user to select from. I can still select from
>> >tables, etc.
>> >
>> >Obviously, I'm missing something here....
>> >
>> >
>>
>>
- Previous message: Dave: "Re: Read Only User - One Database"
- In reply to: Dave: "Re: Read Only User - One Database"
- Next in thread: Adrian Maull \(MCP\): "Re: Read Only User - One Database"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
