sql server 2005 security

Using SQL 2005 is there a way to give access to create databases and users (read/write data on the databases they create) but not allow to delete the databases or the users or not having access to backup databases or having access to any other databases? or not allowing traces etc.  I was not sure how to do this so I gave the user sa privalages.  i need to change the rights, any idea?
yanci1179Asked:
Who is Participating?
 
David ToddConnect With a Mentor Senior DBACommented:
Hi,

I just found that a user who had db_owner role on a couple of databases couldn't start a trace. I needed to grant alter trace to this user.

That is, a good compromise of what you asked for can be achieved by giving the users db_owner, and nothing else. They wont be able to create a database though ...

execute sp_addrolemember
      @rolename =  'db_owner'
      , @membername = 'loginname'
go

HTH
  David
0
 
yanci1179Author Commented:
will securityadmin give rights to create accounts as well as GRANT, DENY, and REVOKE; I was going to give this one and dbcreator role; any idea?
0
 
patriktConnect With a Mentor Commented:
Right to create database is server right and can be granted to Login.
Open Security/Logins and find your user in question. In its proprties go to Securables and Add server object in Securables list. In Permissions list you can find "Create any database" right as long as other serverwide rights.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.