Re: INSERT an UPDATE permission denied on object

From: Dan Guzman (guzmanda_at_nospam-online.sbcglobal.net)
Date: 05/14/05

  • Next message: Yoshihiro Kawabata: "Re: SQL2KSP4 sp_addalias and db_accessadmin" 
    Date: Sat, 14 May 2005 09:08:21 -0500

    As Jens mentioned, an explicit DENY takes precedence over other object
    permissions. Check the permissions on the table with sp_helprotect.

    USE IX
    EXEC sp_helprotect 'dbo.TBILL'

    If DENY permissions are listed, you can remove these with REVOKE so that the
    user's db_owner role permissions are used. For example:

    USE IX
    REVOKE ALL ON dbo.TBILL FROM SomeUser

    > I don´t understand why just this db.

    Aside from server roles, security in each database is managed independently
    of other databases. Each has it's own set of allowed users, roles, role
    members and object permissions. 

    -- 
Hope this helps.
Dan Guzman
SQL Server MVP
"Leo Quezada" <LeoQuezada@discussions.microsoft.com> wrote in message 
news:E854BA95-1202-4799-A9CD-0B6437583A42@microsoft.com...
> Hi Jens,
>
> The exception is:
> Server: Msg 229, Level 14, State 5, Line 1
> INSERT permission denied on object 'TBILL', database 'IX', owner 'dbo'.
>
> The only way to do insert or update in this db is that i assign the role
> server 'sa' to the NT Login. I don´t understand why just this db.
>
> Regards,
>
> Leo
>
>
>
> "Jens Süßmeyer" wrote:
>
>> What exception message do you get ?
>>
>> Even if you are in the role of dbowner you could been blocked for some
>> reason with a deny rule. Perhaps someone intercepts the security system ?
>> Tell us what exeption you get.
>>
>> HTH, Jens Suessmeyer.
>>
>> ---
>> http://www.sqlserver2005.de
>> ---
>>
>> "Leo Quezada" <LeoQuezada@discussions.microsoft.com> schrieb im 
>> Newsbeitrag
>> news:D04FA683-8A20-4918-82E9-E0286249B17A@microsoft.com...
>> > Hi,
>> >
>> > I have a problem when i try to insert or update in a particular 
>> > database
>> > in
>> > my sql2000 server,  when i use a NT login that have the role dbowner i
>> > can´t
>> > but if i use a SQL Login is ok. In the others databases i dont have
>> > problem.
>> >
>> > This worked until days ago, today not.
>> >
>> > thanks for yoo help
>>
>>
>>
  • Next message: Yoshihiro Kawabata: "Re: SQL2KSP4 sp_addalias and db_accessadmin"

    Relevant Pages

    • Re: Users can import
      ... "Joan Wild" wrote: ... The ADH book has a function called adhSetDbCreate that will deny specified users/groups to create ... distributed workgroup file they will not be able to create a new database and link/import to the BE ... I do, however, also deny all permissions to the tables as Joan mentioned. ...
      (microsoft.public.access.security)
    • Grant, Revoke, Deny
      ... I have a single table in the database that I want role "Apps" to have SELECT ... for the table and choose the X (to deny) for INSERT, UPDATE, DELETE. ... I am unable to reassign permissions to ... special roles. ...
      (microsoft.public.sqlserver.security)
    • Re: Overlapping Permissions
      ... that database? ... And members of the ProductMgmt role can select, ... Do any users or groups have deny set on the ... >> Permissions are cumulative but deny will take precedence. ...
      (microsoft.public.sqlserver.security)
    • Re: List Users Permissions down to table.column action
      ... THIS STORED PROCEDURE GENERATES COMMANDS ... -- FIXED PROBLEMS WITH STATEMENT LEVEL PERMISSIONS GRANTING. ... -- CREATE TABLE TO HOLD LIST OF USERS IN CURRENT DATABASE ... -- GRANT USER ACCESS TO SERVER ROLES ...
      (microsoft.public.sqlserver.security)
    • Re: User access on a company intranet
      ... Yes they need full permissions on the folder where the backend is. ... You wouldn't need to do this in your copy of the database. ... However you can toggle the shiftkey bypass from another mdb file. ... When you want to implement security, you create a new mdw file, ...
      (microsoft.public.access.security)