My goal is to write a DR plan where i am restoring all user databases onto a diffrent server in a event of hardware failure. I was trying to figure out a way to extract DDL of user accounts and their permissions on all user databases so i can simplify my DR documentation.
This is the plan I came up with...to restore all system and user dbs on a different Physical SQLServer.
1. build named instance $PROD
2. restore master database
- startup sqlserver in single user mode -m or DAC sqlcmd -S ServerName -U sa -P<xxx> –A net stop MSSQLSERVER$PROD net start MSSQLSERVER$PROD -m - restore database master from disk e:master.bak with replace;
3. start sqlserver normally
4. stop SQLServer agent
5. restore msdb
-restore database msdb disk e:msdb.bak with replace;
Basically to defend against SQL injection I want to be able to stop basic users or admins from being able to drop tables or doing other damaging activities. I'm using ms sql express, how can I do this? A friend mentioned that he uses MySql and user privileges can be set up in this way.
I am relatively new to sql developer. There is a new user that just joined our organization. I am trying to grant him the same direct grants privilege to the tables that an existing user has. The existing user has a ton of direct table access privileges and it will take days if I had to do each grant one by one like: grant select,insert,delete,update on 'table name' to 'user id'. Is there a way of copying or inserting an existing user's privilege and granting it to a new user.
hi, I created a View,like the following: Create View viewSecure as select * from sales.customer go Grant select on viewSecure to Andrew go Exec as login='Andrew' Select * from viewSecure go Revert go Alter Authorization On viewSecure to Jerry go Exec as login='Jerry' Select * from viewSecure go but, I received the error 'SELECT permission denied on object 'Customer', database 'AdventureWorks', schema 'Sales'. Meanwhile, I re-granted Select Privilege to Andrew, I got the same error. I know Alter Authorization command means to change the owner of an object. I got 3 questions need your help. 1. An user owned an object, if he may have no any privileges to this object? 2.Why I got the same error after re-granted Select privilege to Andrew? 3.How to pass privileges from one user to another?
I have a database for which I need the permissions to execute stored procedures, perform CRUD operations on tables, execute functions and SQL jobs. What should be the SQL command if I am to create a user for this database who will have the most minimum privileges to carry out these activities?
so here i go explaining my problem: I create an empty database. then I use the .net aspregsql tool to make the tables and the procs and everything, and it does. when i view my database it has the 11 empty tables the sprocs and the roles and everything. BUT when I open up the "asp website configuration" to add some users, it gives the following error:EXECUTE permission denied on object 'aspnet_CheckSchemaVersion', database 'masfeni_fakebetsdb', owner 'dbo'.
Hi, I newly created one database (using creat database testdb ). After that i created login name and password for that database ( using create login login1 with password = 'pass1'; use testdb; command) and i created user for that login name ( using create user user1 for login login1 command). Then i connected testdb database using login1. But when i trying to create table in that database, it thrown error. Anyone please tell me that how to assign all privileges to the user user1?
I was trying to review some query statistics and received the following message:
SHOWPLAN permission denied in database Test I gave the user permission by the following command: Grant showplan to user. I am curious as to how much perfomance does this effect? Is there an alternative? regards
can anybody help me. I'm looking for an easy way to grant permissions to a user in all user databases. I already have a script which grants permission to all views and userdefined tables within one database, but since I have to run it in about 100 databases it's still quite timeconsuming. Is there a way to execute that script in all user databases at once ???
I need an example of how to grant access to a SQL user to a DB. For the life of me I can't seem to get my syntax correct. My database name is TEST and my username is LEMME_IN and I want to grant the user "Public" access to the db with db_datareader, db_datawriter database role membership.
I am build an application that able to update insert delete an entries from my sql server, i create a new account in sql server management studio express so my app can connect to the database thru SQL Server Aurthentication. Delete & update method work well but my insert dont.
I change to the connection string to localhost ( WindowsAurthentication) and it works so i conclude that the problem lies on the sql user access. However I had already ticks everything on object explorer > security > logins > my user properties > Server Roles & User Mapping. What should i do inorder to grant insert/create database access to my sql user? Thanks.
How do I grant a user access to a particular project? I have set up some reports and want other users to look at them as a template to build their reports and keep getting projectname.rptproj.user is denied.
We have a custom security working with forms authentication. When we browse to http://servername/reports the UILogon.aspx page comes up, and login with the Admin account is fine we can reach the report manager and see the folders. But when we login with account User1 , which is not an admin account.Login is fine but User1 does not see any folders in report manager. So how do i assign roles to User account when using custom security extension.
I have a larger stored procedure that is running, but I am getting stuck on where I need to grant permissions to a user in a a different database on various functions and stored procedures. For example:
use [Database1] grant exec on [Database2].[dbo].[MyFunction] to bob
returns this error: Cannot find the user 'bob' , because it does not exist or you do not have permission.
However, I know 'bob' exists, plus when I change the use statement to Database2, the line of SQL works correctly. Given the nature of the overall stored procedure this will be running in, I won't have the ability to just change the use statement. Is it possible to grant permissions to a user on a different database without explicity having the use statement set to a particular database?
I'm trying to run the Bulk Insert statement but in order for me the run it, i need to have the sysadmin permission. Can someone show me how to grant sysadmin permission to my SQL Server user? This is really urgent. Thank you in advance.
There's something I can't quite figure out about user creating
The application that I'm currently working on is interacting with DB, therefore every time you use application you need to login as user which is fine. The problem is that certain users should be able to create new users and the new user may even have the same level of permissions as the one that's creating it ( like admin creating another admin acount or some like that).
Question is how can I allow users to create these user with giving them as few permissions as possible.
If there's is somewhere a code sample on the net I would appreciate the link.
I have an web application where the users has to run SQL scheduled jobs from the webpage. How to assign permission to a specific user to run specific jobs without making them a member of a Sysadmin role?
Any ideas you all smart people? Thanks in advance!
i want to create new sql user and grant him two tables access. we have several databases created on same server so we want to allow only two table in ABC database. user should not be able to see other databases and their tables. And user also should not be able to access any other tables in ABC database except two tables.
is there any query to deny all tables in schema for all clauses (Select, Update, Insert) then grant two tables to user with select clause?
I'm trying to grant a user group select access to all the views in a database. I already made a query which creates a result set whit the SQL Syntax I (displayed below) need but it seems to be impossible to get this result set executed after creation.
use [AdventureWorksDW2008R2] SELECT 'GRANT SELECT ON [' + SCHEMA_NAME(Schema_id) + '].[' + name + '] TO [DOMAINGROUP]' FROM sys.views;
Hi. Thru a sproc, I drop & re-create some temp tables.When I call that sproc from the client, though, I cannot drop thetables.I need to allow the user, say "Alex", to drop/create tables (actually,that would be DDL). Which role should "Alex" assume ? How do I do that?I run the following sproc named, say, "CREATE_TABLE" (SNIP):__________________________________________________ __________________Set @StrSQL = 'if exists (select * from dbo.sysobjects where id =object_id(N''[dbo].[' + @TableName + ']'') and OBJECTPROPERTY(id,N''IsUserTable'') = 1) drop table [dbo].[' + @TableName + ']'Exec (@StrSQL)Set @StrSQL = 'CREATE TABLE [dbo].[' + @TableName + '] ([GROUP] [varchar] (6) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,...........[Stuff] [varchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL) ON [PRIMARY]'Exec (@StrSQL)Set @StrSQL = 'GRANT SELECT , UPDATE , INSERT , DELETE ON [dbo].['+ @TableName + '] TO [Alex]'Exec (@StrSQL)__________________________________________________ __________________As you can see, it is dynamic, because I need to repeat it for many@TableName values - that means, further more, that I will be executingthis in the context of the current user, Alex, and therefore I have togive Alex rights to both executing the sproc and to the tables referredto by the sproc, as specified by @TableName.I created a _TEST sproc which contains only the following:_______________________________________________CREATE PROCEDURE _TEST ASDROP TABLE [dbo].[SomeTable]RETURN_______________________________________________When I execute it from the client, thru ADODB, on user Alex, I get"User does not have permission to execute this operation on tableSomeTable"The table has been created thru "CREATE_TABLE", abovePlease help, I have to finish this tomorrow, and I'm under tons ofpressure.Thanks a lot,Alex.