Question About Create Database,login,user,schema And Grant Permissions.
Apr 25, 2007
Hi,
I created a database,login,user and schema like belows.
-- 2. create database
CREATE DATABASE MyTempDatabase;
-- 3. create login
CREATE LOGIN MyTempLogin WITH PASSWORD = '#mytemplogin$',
DEFAULT_DATABASE = MyTempDatabase,
CHECK_EXPIRATION = OFF,
CHECK_POLICY = OFF;
--
USE MyTempDatabase;
-- 4. create user
CREATE USER MyTempLogin FROM LOGIN MyTempLogin WITH DEFAULT_SCHEMA = MyTempSchema;
-- 5. create schema
CREATE SCHEMA MyTempSchema AUTHORIZATION MyTempLogin;
The created user,MyTempLogin, must have permissions that can create tables,drop tables,select,insert,delete,update and bulk insert.
How can I grant permissions to the user?(or schema?)
I failed to grant by T-SQL query.
Additionally, what is purppose of the ROLE? Should I create or use it?
I'm confusing in security concept(login,user,schema,role).
Thanks.
View 3 Replies
ADVERTISEMENT
Feb 19, 2008
I have a larger stored procedure that is running, but I am getting stuck on where I need to grant permissions to a user in a a different database on various functions and stored procedures. For example:
Code Snippet
use [Database1]
grant exec on [Database2].[dbo].[MyFunction] to bob
returns this error: Cannot find the user 'bob' , because it does not exist or you do not have permission.
However, I know 'bob' exists, plus when I change the use statement to Database2, the line of SQL works correctly. Given the nature of the overall stored procedure this will be running in, I won't have the ability to just change the use statement. Is it possible to grant permissions to a user on a different database without explicity having the use statement set to a particular database?
Thanks for any advice!
-Flea#
View 1 Replies
View Related
Aug 16, 2007
In SQL Server 2005 SP2 I want to grant the ability to create views to a user but in order to do this it requires that the users has the ability to grant alter on a schema.
Is there any way to grant this privilage without granting alter on schema also?
View 1 Replies
View Related
Jul 28, 2015
How do I grant a user permissions to only one table in a database. How would it affect him using our Main App which is NAV with regards to his user's permission in NAV
View 2 Replies
View Related
Feb 18, 2008
set up asp .net user account on sql server 2005Question:
I've read the instructions in this article: http://www.netomatix.com/Development/aspnetuserpermissions.aspxBut do not know how to do this:You can grant 'Network Service' or 'ASPNET' user accounts permissions to connect to database.Please provide example on how to do this, thanks!
View 2 Replies
View Related
Apr 7, 2008
Can somebody tell me without pointing to any other link how to grant Create Procedure permission to DB user.
View 3 Replies
View Related
Jan 19, 2001
Hello together,
can anybody help me. I'm looking for an easy way to grant permissions to a user in all user databases. I already have a script which grants permission to all views and userdefined tables within one database, but since I have to run it in about 100 databases it's still quite timeconsuming.
Is there a way to execute that script in all user databases at once ???
Markus
View 2 Replies
View Related
Jul 13, 2015
The requirements are:
1. the user has read-only permissions to dbo tales.
2. the user can do everything within the rpt schema, which contains all objects analyzing dbo tables.
3. the user does not have any permission outside rpt schema, except permissions in #1.
The current solutions are:
1. grant the user select only on dbo tables.
2. make the user the owner of rpt schema.
3. Grant the user database permission on create table/create procedure/create view/create function.
My question is - in step 3, should I just grant "Alter" database permission to the user? Granting Alter seems to be cleaner and simpler. According to MSDN,
"Alter" confers the ability to change the properties, except ownership, of a particular securable. When granted on a scope, ALTER also bestows the ability to alter, create, or drop any securable that is contained within that scope.
View 2 Replies
View Related
Jan 21, 2008
Hi to everybody,
I have a permission problems with user create for service.
I created an user without login in a database. I use this user for service broker activation procedure.So, this user have a certificate to exports in other database.
To generalize activation procedure of many service broker queue I try to use this piece of code :
DECLARE @QueueName nvarchar(MAX)
DECLARE @queue_id int
SELECT @queue_id = queue_id FROM sys.dm_broker_activated_tasks
WHERE spid = @@SPID
SELECT @QueueName = [name] FROM sys.service_queues
WHERE object_id = @queue_id
To use this DMV user need VIEW SERVER STATE grant but this is an user DB and I can't give this grant to user.
How I can do it?
Somebody can help me?
Thanks in advance
Luca
View 3 Replies
View Related
Jan 9, 2007
Hi gurus i am new to sql server.... so plz help me out ... i need script to create new database user and login.i know how to create by enterprise manager but have no idea to create it by QA.
please help me out
thanks in advance
shekhar
View 3 Replies
View Related
Jan 21, 2008
Hi to everybody,
I have a permission problems with user create for service.
I created an user without login in a database. I use this user for service broker activation procedure.So, this user have a certificate to exports in other database.
To generalize activation procedure of many service broker queue I try to use this piece of code :
DECLARE @QueueName nvarchar(MAX)
DECLARE @queue_id int
SELECT @queue_id = queue_id FROM sys.dm_broker_activated_tasks
WHERE spid = @@SPID
SELECT @QueueName = [name] FROM sys.service_queues
WHERE object_id = @queue_id
To use this DMV user need VIEW SERVER STATE grant but this is an user DB and I can't give this grant to user.
How can I do it?
Somebody can help me?
Thanks in advance
Luca
View 5 Replies
View Related
May 18, 2007
Is it possible to set up the permissions to not allow a specific user to create schemas, but to allow that user to create tables and procedures and functions in one schema, and to create procedures and functions but not tables, in a different schema within the same database?
View 3 Replies
View Related
Oct 22, 2015
I need to provide a User with below permissions:
1. Ability to read and write records in tables in both the X schema and Y schema
2. Ability to read metadata about objects in the X and Y schema
3. Ability to execute stored procedures in the X and Y schema
4. Ability to create and update the necessary schema objects used by X, including but not limited to tables, views, and indexes
5. CREATE FUNCTION permission
6. ALTER and EXECUTE permissions on the X schema
7. VIEW DEFINITION permission on the X and Y schemas to enable view export.
For the point 1, I will assign db_datareader,db_datawriter database roles to the user
For the point 2, when I have searched web, I found out ReadDefinition permission should be granted. I could find only viewDefinition but not ReadDefinition.
For the point 3, 'USE DataBaseName GRANT EXECUTE TO User; Go' - does this sql suffice?
For the point 4, I am not sure what should be done.
For the point 5, 'USE DataBaseName GRANT CREATE FUNCTION TO User; Go' - I guess this will work
For the point 6, Can I use same SQL as point 3 including ALTER ?
For the point 7, 'USE DataBaseName GRANT VIEW DEFINITION TO User; Go'
View 5 Replies
View Related
Oct 1, 2007
Hi all,
I am trying to establish a "sandbox" database for a group of users/developers whereby each user has their own schema and complete control over their schema and only their schema.
I began by creating user logins (Windows Authentication), created schemas for each user where the corresponding login is the owner, and set the schema as default for the user.
At this point, the logins only had "public" and could not create tables. I then granted the Create Table privilege which allowed them to create a table in their schema. However, they could also create tables anywhere else in the database including another user's schema.
How can I set up an enironment where each user has control over just their schema? What permissions would I need to grant and at what level (database,schema, etc.). I also need them to be able to grant privileges on their own schema and/or schema objects.
Any help would be greatly appreciated.
View 4 Replies
View Related
Nov 22, 2006
Hi,
SQL Server Security is not my strong point so forgive me for asking stupid questions.
I have a bunch of tables and sprocs within a schema 'MySchema'. I have a user 'MyUser' defined in the database.
I would like to give MyUser permission to SELECT from tables and EXECUTE all sprocs in MySchema. What is the simplest way of doing that? Will the following:
GRANT EXECUTE ON SCHEMA::[MySchema] TO [MyUser] WITH GRANT OPTION AS [db_owner]
GRANT SELECT ON SCHEMA::[MySchema] TO [MyUser] WITH GRANT OPTION
accomplish that? (I can't test it out at the moment because our DBA isn't around and I don't have permission)
With best practices in mind - is what I am doing here considered "ok". Any suggestions/comments are welcome.
-Jamie
P.S. Can anyone recommend any documentation that talks about what best practices should be in the use of schemas. BOL is a bit sparse. Thanks.
View 5 Replies
View Related
Jun 26, 2007
There's something I can't quite figure out about user creating
The application that I'm currently working on is interacting with DB, therefore every time you use application you need to login as user which is fine. The problem is that certain users should be able to create new users and the new user may even have the same level of permissions as the one that's creating it ( like admin creating another admin acount or some like that).
Question is how can I allow users to create these user with giving them as few permissions as possible.
If there's is somewhere a code sample on the net I would appreciate the link.
View 1 Replies
View Related
Apr 17, 2015
I have a sql server 2012 server and I need to prevent the users from creating new schemas by mistake. Is there any way to revoke that permission alone but still letting the user to create their own objects in dbo (yes I know that shouldn't be in dbo but that is another issue).
View 2 Replies
View Related
May 20, 2015
I created a new login and then created a new user [COM] in DB with default schema pointing to [COM]
I created then schema [COM] WITH AUTHORIZATION [COM]
I want this [COM] user to have all permissions it needs on [COM] schema only. How do I do that? When I try to create table [Com].Table it gives me permission denied.
What am I missing?
View 9 Replies
View Related
Dec 1, 2007
Hi there,
I need help. I can mapped login to another database by MSSQLManagement studio. I need that in sql.
Security->Logins->Select LoginName->properties->user mapping->from the users mapped that login I select my database name and from the Database role membership db_owner and then click ok. I need that in sql.
thank now
View 2 Replies
View Related
Mar 15, 2006
What are the minimum permissions necessary to use CREATE LOGIN?
I'm using db_accessAdmin and db_securityAdmin and db_owner. The user as access to the database.
It still says I can't create the login. What am I missing?
View 1 Replies
View Related
Mar 28, 2005
I use 1&1 to host my site, with SQL Server.
I've used their db management tool to create stored procs and tables.
I backed up the db stored at 1&1 and restored it on my home machine.
On my home machine, I can't access most of the db objects in the restored db via ASP.net, even if I login as sa. I get messages such as "Could not find stored procedure 'proc_name'".
1&1 provided me with a username and password to login into their SQL Server database, and all my objects now have that username as the owner.
The only way I can get the stored procs or tables to work is to prefix them all with the username from 1&1, e.g.:
exec <1&1username>.<proc_name>
Any advice would be most welcome.
Thanks,
B
View 2 Replies
View Related
Nov 22, 2007
i'm using the Enterpirse library logger to write logs into a database.
When choosing connection string i choose the database i want in the "connection properties" dialog box and
push 'Test connection' button.
everything goes well.
then i open the SQL Server Management studio express and connect to the databse to check some things,
from that point on , when i push the 'Test Connection' button in the Enterprise library i get the error:
"cannot open user default database. Login failed. login failed for user My'server/MyuserName'"
even when i close the sql server manager , it is still stuck - the connection test doesn't work anymore....
it only work when i restart the computer.
why ?
View 3 Replies
View Related
Oct 27, 2004
Hi,
Im getting this error when attempting to retrieve data from an sql database.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Cannot open database requested in login 'projectAllocations'. Login fails. Login failed for user 'sa'.
Source Error:
Line 13: objConn = New SqlConnection( "Server=LAB303-066NETSDK; Database=projectAllocations; User ID=sa;Password=mypassword")
Line 14: objCmd = New SqlCommand("SELECT * FROM project_descriptions", objConn)
Line 15: objConn.Open()
Line 16: objRdr = objCmd.ExecuteReader()
Line 17: While objRdr.Read()
Source File: C:finalyearproject2sample.aspx Line: 15
Please Help!! Im a beginner to this, so if anyone knows the answer, take baby steps when explaining. Thanks
View 3 Replies
View Related
Jul 27, 2005
Been looking through the forums for a solution to this problem.I already tried granting access through statements such as:exec sp_grantloginaccess N1'machineNameASPNET'But they don't seem to work.. i vaguely remember seeing somewhere a DOS command line statement that grants access to the ASPNET_WP and that fixed my problem before on another computer.. but this is a new computer and i forgot to write down the command.Can anyone help explain and propose a solution to my problem. Many thanxs.
View 9 Replies
View Related
Dec 19, 2003
I am using the MSDE to connect to my ASP.NET application. I get this error after clicking the login button of my login page. Anyone know why this would happen?
Thanks for any help,
Cannot open database requested in login 'DataSQL'. Login fails. Login failed for user 'serverASPNET'.
View 5 Replies
View Related
Apr 16, 2008
Hi when i try and open a database in sql server management studio i get the error "Cannot open user default database. Login failed. Login failed for user 'DOMAINUser'. (.Net SqlClient Data Provider)", what can i do to rectify this, i have googled around and still havent found no answers.
View 4 Replies
View Related
Jun 17, 2007
Hey Microsoft: this affects development that will eventually sell a lot of seats on SharePoint Server 2007. If you guys and gals can't straighten out this mess, you can't expect custom solutions with custom web parts. So pay attention for your own good. Yes, SPS 2007 is what this is all about. I've created simpe web parts and deployed them, same VS 2005, but I need local development and debugging for more complex stuff. I'm really disappointed that you have no solution for this problem.
I've seen other posts on this, but the result seems to be the same: if you fix it, it's by accident, not by design.
1. I created a blank ASP.NET web site
2. I added a web part manager
3. I added a web part zone
I get the error described above. I have no idea why SQL Server settings are so screwed up.
I've tried all the stuff in the other posts - security settings, command line installation, etc. None of those worked.
The default template(s) don't copy anything into App_Data, nor create an empty folder. I don't know why that is. I have other web sites working just fine, but they use remote SQL databases, or local ones I created, and didn't need profile management (no forms authentication, no web parts, no web zones).
I've also started out with a local database, using SQL Authentication, later moving it to a remote server, and never had any problems. The SQL Server developer edition and Express seem to work just fine. I can also debug stored procs when the .mdf is in App_Data. So the problem isn't one of connectivity.
What would cause the default screw-up? This would seem to point from all directions to a problem with Visual Studio (2005)? The installation is defalt - perhaps some extras included (copy local), but nothing unusual. AJAX for ASP.net is installed, but not used in the above "default web site" trial. Likewise Syncfusion's tools, which work fine on other developer workstations at this same location, all of which are from the same image (purchased at the same time & imaged). That web parts work on other boxes, running all the same management tools (anti-virus, remote sys admin/sms etc.) makes none of those suspect.
I think Microsoft needs to have a clean problem solution and publish it. SP1 certainly doesn't fix it. What's worse is the stupid, lame error message. "I can't open the default database". Well, what did you try? What do you think the default is? What settings are you using? Why is there no debugging information other than the usual worthless trace information showing it's all deep within the ProviderBase and SqlClient namespace code? How is that supposed to be helpful?
If anyone has anything solid, not guesses, I'd like to know.
View 1 Replies
View Related
Jan 11, 2008
I need to create a new login with SELECT rights so the users can view all tables with no UPDATE, DELETE, OR INSERT rights. But this user needs to be able to CREATE VIEWS. I have assigned the user to the Public role and gone in and modified Securables for the Database to be able to CREATE VIEW. When I connect using my new user and try to create a view, I get the error message: CREATE VIEW permissions denied in database 'test01'.
Help Please
TMDavis
View 1 Replies
View Related
Nov 16, 2006
How do I allow a user (or group of users) permission to create/drop a table?
I have found the 'GRANT CREATE TABLE TO username' command, which will (I assume) allow a user to create a table, but how to I allow a user to 'DROP' the created table as well?
'GRANT DROP TABLE TO username' doesn't work?
and I want the users to be able to DROP/DELETE this table (temporary table created just for printing purposes) as well.
thanks
View 3 Replies
View Related
Sep 24, 2013
I'm trying to grant a user group select access to all the views in a database. I already made a query which creates a result set whit the SQL Syntax I (displayed below) need but it seems to be impossible to get this result set executed after creation.
use [AdventureWorksDW2008R2]
SELECT
'GRANT SELECT ON [' + SCHEMA_NAME(Schema_id) + '].[' + name + '] TO [DOMAINGROUP]'
FROM sys.views;
View 5 Replies
View Related
May 12, 2008
I am getting the error:
Cannot open database "aspnetdb" requested by the login. The login failed.
When I browse to my ASP.NET 3.5 LINQ web application on the IIS 6.0 server on Server 2003.
I imagine this is because while I granted SQL Server 2005 login and permissions to my database that the application stores its data in, I did NOT grant any rights to the service account the IIS Application Pool uses for its identity to the aspnetdb database on SQL Server which is where all my roles information is stored at.
My question is what are the MINIMUM permissions needed for this database so it can perform its roles related functions?
I'm using Windows Authentications with the SQL Role provider for authorization.
Thank you.
EDIT: I think I only need to open the aspnetdb database and add my login to the aspnet_Roles_FullAccess role. Is that correct?
View 2 Replies
View Related
May 18, 2006
Hello, I recently view a webcast of sql injection, and at this moment I created a user, and give dbo to this user, and this same user, is the one I have in the connection string of my web application, I want to create a user to prevent sql injection attacks, I mean that user wont be able to drop or create objects, only select views, tables, exec insert,update, deletes and exec stored procedures.
Is any easy way to do this?
A database role and then assing that role to the user?
View 4 Replies
View Related
Apr 18, 2008
Hi I have asp.net2 app using SQLExpress which works fine in VS2005.
When I compile it and try to run it from IIS on the same machine using the same
sql server database with:
connectionstring="server=.SQLEXPRESS;Database=abc.mdf;Trusted_Connection=yes"/>
I get the following error.
Cannot open database abc.mdf requested by login. The login failed. Login failed for user 'machinenameASPNET'
Any help much appreciated
Thanks
David
View 2 Replies
View Related
