Re: Explicit permissions listed twice
- From: David Walker <none@xxxxxxxx>
- Date: Sun, 13 Apr 2008 20:18:02 -0700
Erland Sommarskog <esquel@xxxxxxxxxxxxx> wrote in
news:Xns9A7E7244AFE54Yazorman@xxxxxxxxx:
David Walker (none@xxxxxxxx) writes:
In one of our databases, under Security/Users, when I look at the
Properties for a particular user, and select the Securables page,
each of the permissions is listed twice...
Once with grantor "dbo" and once with grantor "db_owner". The
permissions that were granted by "dbo" do not have Grant, With Grant,
or Deny checked. So, they are kind of empty.
Is this normal? Should I remove the explicit permissions that were
granted by dbo? If so, how? I don't see a way from the GUI in
Management Studio to remove these rows. If they are normal, I won't
worry about them.
I would guess that the granting routine has been run twice. Once by
the real dbo, one by some who has db_owner rights but who were not
dbo.
Removing one set would be a good thingm as there could be confusion
later on when you really want to revoke privilege for a user.
I would create a series of REVOKE statement by selecting from
sys.database_permissions.
OK, thanks. I should be the only one who is granting permissions, but
someone else created the user name. I'll revoke the ones we don't need.
The GUI doesn't seem to have a way. I'm not against using commands (I
frequently do things with commands), but the GUI seems to be fairly
complete in other areas.
David Walker
.
- References:
- Explicit permissions listed twice
- From: David Walker
- Re: Explicit permissions listed twice
- From: Erland Sommarskog
- Explicit permissions listed twice
- Prev by Date: Re: Alter schema on user-defined data type?
- Next by Date: Re: linked server : read only
- Previous by thread: Re: Explicit permissions listed twice
- Next by thread: Encrypting Connections to SQL Server 2005
- Index(es):
Relevant Pages
|
|
