Re: SQL2005 grant user access to certain tables
- From: "Arnie Rowland" <arnie@xxxxxxxx>
- Date: Sat, 26 Aug 2006 20:24:37 -0700
Database role was the correct option for this situation.
An Application role is used to provide permissions to all users of an
application. The application has to execute a special stored procedure in
order to use the Application Role, and then the users are limited to the
permissions afforded by the application role. You may wish to read up on
Roles in Books OnLine.
--
Arnie Rowland, Ph.D.
Westwood Consulting, Inc
Most good judgment comes from experience.
Most experience comes from bad judgment.
- Anonymous
<walanta> wrote in message
news:hjq1f2p6jpa9fj2dbk0cc8jnnmq4s1932u@xxxxxxxxxx
Should I create database role or application role.
I created database role and it seems like it's working. What's the
difference? Thanks
On Fri, 25 Aug 2006 13:37:21 -0700, "Arnie Rowland" <arnie@xxxxxxxx>
wrote:
REMOVE that user from the db_datareader role -that role allows reading ALL
tables.
Create a new Role, add the user to the new Role.
Then for each table that the user needs to read, give SELECT permission to
the new Role. (By doing it for the Role, if you need to allow another user
(vacations, etc.) to do the same thing, you just add the additional user
to
the same Role.)
Verify that the user is not a member of any other Role that has
permissions
to SELECT data from the tables.
Make sure that the 'Public' does not have SELECT permissions for any
tables -PUBLIC 'should' not have any permission for any activity for any
object.
.
- References:
- Re: SQL2005 grant user access to certain tables
- From: Arnie Rowland
- Re: SQL2005 grant user access to certain tables
- Prev by Date: Re: SQL Server 2005: Checking if Login is connected to any databas
- Next by Date: Re: sa spid - need to kill - server hanging
- Previous by thread: Re: SQL2005 grant user access to certain tables
- Index(es):
Relevant Pages
|
|
