Re: Allow a 'user' to create new users

From: Erland Sommarskog <esquel@xxxxxxxxxxxxx>
Date: Thu, 10 Jan 2008 14:44:30 -0800

Carlos A. (CarlosA@xxxxxxxxxxxxxxxxxxxxxxxxx) writes:

The user must be 'dbo' of userdatabase, and member of securityadmin role
of the sql server, to execute sp_addlogin
sp_adduser
sp_grantlogin
and assign permissions overall obejcts of user database.

Of these only sp_addlogin/CREATE LOGIN requires securityadmin membership.
For the rest, it's sufficient to be dbo or member of the db_owner role.
Or in SQL 2005 parlance: have CONTROL permission on the database.

--
Erland Sommarskog, SQL Server MVP, esquel@xxxxxxxxxxxxx

Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx
.

References:
- Re: Allow a 'user' to create new users
  - From: Erland Sommarskog

Prev by Date: Re: user defined Role - HELP
Next by Date: Re: user defined Role - HELP
Previous by thread: Re: Allow a 'user' to create new users
Next by thread: Re: sql server 2005 account lockout
Index(es):
- Date
- Thread

Relevant Pages

ADP, Application Role, and objects
... The above link is to an atricle on how to implement SQL Server Application ... After you connect with your ADP, fire a bit of code to set the ... third party tools to view the data on the same database. ... Scenario 1 - If I explicitly grant permissions on that object to the user ...
(microsoft.public.access.adp.sqlserver)
That is permission problem
... SQL Server 2005 can't attach database on Windows Vista ... It seems it must be a permissions problem. ... What is the service account for SQL Server? ...
(microsoft.public.sqlserver.tools)
Re: field level security question
... Vyas, MVP ... listBox control that gets data from a query of the sql server table. ... > recent change in requirement) I see the option to limit permissions right ... > utility opens except their is just no data. ...
(microsoft.public.sqlserver.security)
RE: SQL 2008 - remote connection to the SSIS 2008 - Access denied
... SQL Server configures the appropriate rights during the installation process, ... then add users/groups and assign the appropriate permissions. ... user who created the package apply to the writer role. ... I checked DCOM MsDts component and my user rights for the Remote ...
(microsoft.public.sqlserver.dts)
Re: The user does not have permission to perform this action.
... exec sp_addlinkedserver 'remote_server_name' ... Execute permissions default to members of the sysadmin and setupadmin ... Erland Sommarskog, SQL Server MVP, esquel@xxxxxxxxxxxxx ... Books Online for SQL Server 2005 at ...
(comp.databases.ms-sqlserver)