Business Admin Permissions
- From: cbtechlists@xxxxxxxxx
- Date: Tue, 30 Oct 2007 19:15:15 -0000
I've got a web app (myApp) that users log into using SQL
Authentication. The users enter their userid & passwords into a login
form and these are used in the connection string for the rest of the
session. Users are assigned to SQL roles that dictates what
functionality is available to them. We can't use Windows
authentication.
I want to create admin (.NET) tool that will allow the business
administrator to do the following without needing help from IT:
* create new server logins that only have access to the myApp
database
* delete user/login accounts from the database/server
* add/delete users from roles in the myApp database
* reset passwords of users in the myApp database only
* enable accounts that have been locked out because their password
expired
How do I allow the business admin to do these things without 'over-
granting' them permissions on the server? I don't want them to be able
to screw with other databases or logins on the box.
Thanks,
.
- Follow-Ups:
- Re: Business Admin Permissions
- From: Erland Sommarskog
- Re: Business Admin Permissions
- Prev by Date: Linked Server Security
- Next by Date: Best practice for SQL Admins
- Previous by thread: Linked Server Security
- Next by thread: Re: Business Admin Permissions
- Index(es):
Relevant Pages
|
