Permissions archives - SQL Server with Mr. Denny
Home > IT Blogs > SQL Server with Mr. Denny >

SQL Server with Mr. Denny:

Permissions

Sep 21 2009   11:00AM GMT

DENY overwrites GRANT, most of the time



Posted by: mrdenny
Permissions

SQL Server rights are pretty easy to work with most of the time.  You grant a bunch of rights to an object, then you deny rights to those objects and the user looses the rights.  Pretty easy.  Now the catch is that if you use the fixed database roles, those roles overwrite any denies that are in place. Continued »

AddThis Social Bookmark Button     3 Comments     RSS Feed     Email a friend

Jul 20 2009   11:00AM GMT

Changing the default owner when creating objects



Posted by: mrdenny
T/SQL, Tables, Permissions, SQL Server 2005, SQL Server 2008

When a user that doesn’t have sysadmin rights creates objects by default they will be created in the schema that is the users default schema.  Now the catch to this is that if you grant the user rights into the database via a domain group that domain group then the user doesn’t have a default schema.

So, now how do you fix this?  Unfortunately the only fix to this is to grant the users Windows login as a separate login, then grant this login rights into the database.  You can then grant the user which is mapped directly to the users Windows login a default schema of dbo.

Because of this the user should specify the schema when creating objects.

The downside to this is that they won’t be able to use the object editor to create new tables.  All new tables will need to be created in T/SQL directly.

Denny

AddThis Social Bookmark Button     0 Comments     RSS Feed     Email a friend

Feb 3 2009   2:47AM GMT

Rights to System Stored Procedures



Posted by: mrdenny
Permissions, System Objects

Why on earth to people want to go changing the rights on the system objects. Continued »

AddThis Social Bookmark Button     1 Comment     RSS Feed     Email a friend