Re: Viewing object owner in SQL 2005 - ownership chaining
- From: "Dan Guzman" <guzmanda@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 14 Dec 2007 07:51:31 -0600
Msg 916, Level 14, State 1, Line 1
The server principal "HFDB_2_0_readonly" is not able to access the database "Hotfix_data" under the current security context.
which I believe means that Ownership Chaining failed to "kick in", so that the SELECT looked at the permissions on the target table.
To add on to Erland's response, the user needs a security context in both databases, even if no permissions are granted. You either need to add the user to the other database or enable the guest user in that database.
--
Hope this helps.
Dan Guzman
SQL Server MVP
"Wayne Erfling" <wayne_erfling@xxxxxxxxxxxxxx> wrote in message news:%23B1bryXPIHA.292@xxxxxxxxxxxxxxxxxxxxxxx
I'm trying to set up Ownership Chaining (though I would have preferred it if SQL 2005 supported EXECUTE AS for views).
When I set up both a table and view from one logon (mine) and granted permissions to the view it didn't work, evidently because "creating user" is not equivalent to OWNER. I understand (including the potential risks) and enabled Cross Database Ownership Chaining.
I'm beginning to understand that OWNER lives somewhere between the schema and the USER, but I'm having trouble finding two things:
1) What entity (and what type of entity) is the OWNER of an object such as a VIEW, to which Ownership Chaining applies?
(i.e. the precise definition - is the schema the owner or is a USER the owner, or is the login associated with a USER the owner, etc.)
2) How can I most easily LOOK AT the owner? The Properties for most objects includes a "User" entry but not an "Owner" entry
Unfortunately (before you tell me to look at the page!) the Ownership Chaining example in the books online introduces a bit too much "fluff" in the way of setting up users with default schemas and such, and for me this obscures the definition of who / what the OWNER is.
The basic idea of Ownership Chaining is clear to me, but Owner is simply not defined in the overview, the example or the Books Online Glossary (or on the Internet, so far I've only found references to how owner is used, not the definition).
Many thanks in advance.
---Wayne
P.S. The error message that my "read permission" user gets is:
Msg 916, Level 14, State 1, Line 1
The server principal "HFDB_2_0_readonly" is not able to access the database "Hotfix_data" under the current security context.
which I believe means that Ownership Chaining failed to "kick in", so that the SELECT looked at the permissions on the target table.
I'm sure I can resolve this easily once I understand who the owner is of the VIEW and TABLE so that I can make them match (since it is clearly not the creating login).
.
- Follow-Ups:
- Re: Viewing object owner in SQL 2005 - ownership chaining
- From: Wayne Erfling
- Re: Viewing object owner in SQL 2005 - ownership chaining
- Prev by Date: Re: SQL Server Mode
- Next by Date: Re: Viewing object owner in SQL 2005 - ownership chaining
- Previous by thread: Re: Viewing object owner in SQL 2005 - ownership chaining
- Next by thread: Re: Viewing object owner in SQL 2005 - ownership chaining
- Index(es):
Relevant Pages
|
