<div>
Are you using Dynamic SQL in the stored procedure? &nbsp;If so then the user will also need rights to those tables.<br />
<br />
An alternative is to have the stored procedure excute as another user so that when teller calls it, it actually runs as the other user.<br />
<br />
-Rowan<br />

</div>


<div>
Yes, and this is the point, the fine distinction of rihts. After solving this problem I will have to learn how to use &quot;with execute as 'dbo'&quot; statement &nbsp;(and this is another problem, because SQL engine does not accept 'dbo' as a user in this context).<br />
But first of all, I need to solve the problem stated above: give permission on procedure.<br />
P.S. I use SQL Server 2005 and Studio Express
</div>


<div>
actually, you will be solve the dynamic sql permissions issue exactly with the &quot;WITH EXECUTE AS ...&quot; syntax.<br />
<br />
please try:<br />
<br />
WITH EXECUTE AS OWNER
</div>


<div>
Well, I tried 'WITH EXECUTE AS OWNER', but at this stage this didn't help.<br />
As I stated, the problem is that the user has no right to execute procedure.<br />
To get clear experiment, I removed all commands from the procedure's body.<br />
And still there's the same error (I have non-English version, so that it is my translation to English): 'EXECUTE permission is forbidden for object &quot;SubmitPayment&quot;, database &quot;Billing&quot;'<br />
The advice you have given me seems to be applicable to the next stage, when I have to deal with commands inside the procedure.
</div>


<div>
I see.<br />
well, the only explanation I have then is that you are NOT connected as &quot;teller&quot;.
</div>


<div>
To tell exactly how it is: There is a role &quot;teller&quot; in database &quot;billing&quot;. <br />
There is user &quot;Leanne&quot; in database &quot;Billing&quot; who belongs to role &quot;teller&quot;.<br />
There is login name &quot;Leanne&quot; in SQL server which corresponds to the role &quot;teller&quot;.<br />
I attached 3 screenshots. I am sorry before non-Russian readers, but, I hope, they would be clear, because main points are marked and in English.<br />
&quot;Login-user.jpg&quot; shows correspondence between Login Name and Database User. Also on background one can see unsuccessfull attempt to execute &quot;SubmitPayment&quot; procedure, and in the status string below - login name &quot;Leanne&quot;, under which the attempt had been made.<br />
&quot;User-Role.jpg&quot; shows correspondence between user &quot;Leanne&quot; and role &quot;teller&quot;.<br />
&quot;teller-rights.jpg&quot; shows checks in front of &quot;EXECUTE&quot; for procedure &quot;SubmitPayment&quot; for role &quot;teller&quot;.<br />
Is something missing in rights assignment?<br />
P.S. In the same way I gave &quot;teller&quot; permission on update, delete, insert for the tables 'Bills' and 'Payments' which worked fine - I tested it using connection under &quot;Leanne&quot;. But unfortunately the same trick does not work with procedure :( although it seems to me that I configured everything according to books and manuals
</div>


<div>
Here are files:<br />
<a href="https://filedb.experts-exchange.com/incoming/2009/03_w12/117018/Login-user.jpg" target="_blank" class="file-inline" title="correspondence between Login Name and Database User (237 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>Login-user.jpg</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2009/03_w12/117020/User-Role.jpg" target="_blank" class="file-inline" title="correspondence between user &quot;Leanne&quot; and role &quot;teller&quot; (96 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>User-Role.jpg</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2009/03_w12/117022/teller-rights.jpg" target="_blank" class="file-inline" title="checks in front of &quot;EXECUTE&quot; for procedure &quot;SubmitPayment&quot; for role &quot;teller&quot; (262 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>teller-rights.jpg</a>
</div>


correspondence between Login Name and Database User

Login-user.jpg

correspondence between user "Leanne" and role "teller"

User-Role.jpg

checks in front of "EXECUTE" for procedure "SubmitPayment" for role "teller"

teller-rights.jpg

<div>
yes, that looks all right, apart that the role &quot;teller&quot; shall not have the ALTER, CONTROL, or TAKE OWNERSHIP permissions, but that is another (security) issue.<br />
<br />
so, what is the stored procedure code, right now?<br />
<br />

</div>


<div>
ALTER PROCEDURE [dbo].[SubmitPayment] <br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;@PaymentId int,<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;@AdditionalInfo nvarchar(MAX),<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;@OrderId int,<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;@Referalnoye_voznagrajdeni<wbr />ye_id int<br />
WITH EXECUTE AS OWNER<br />
AS<br />
BEGIN<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SET NOCOUNT ON;<br />
END<br />
<br />
P.S.<br />
Initially I granted &quot;teller&quot; only &quot;execute&quot; and &quot;view definition&quot;. Other permissions were granted in a bid to make the &quot;SubmitPayment&quot; run :)
</div>


<div>
Here's message in English which I got on another SQL server:<br />
The EXECUTE permission was denied on the object 'SubmitPayment', database 'Billing', schema 'dbo'.<br />

</div>


<div>
Yes, right you are!<br />
Thank you, angelIII!<br />
There was &quot;deny&quot; on &quot;Execute&quot; in database &quot;Billing&quot; for role &quot;teller&quot;<br />
1) I have to be more careful in future.<br />
2) I will install English version of SQL Server, because English diagnostics is clearer.<br />
&nbsp; a) It is easier for others to help me<br />
&nbsp; b) It is clearer to me. I must admit, that &quot;was denied&quot; hints on &quot;deny&quot; rule somewhere, whereas its Russian translation does not.
</div>


<div>
Thank you, angelIII!<br />
There was &quot;deny&quot; on &quot;Execute&quot; in database &quot;Billing&quot; for role &quot;teller&quot;<br />
1) I have to be more careful in future.<br />
2) I will install English version of SQL Server, because English diagnostics is clearer.<br />
&nbsp; a) It is easier for others to help me<br />
&nbsp; b) It is clearer to me. I must admit, that &quot;was denied&quot; hints on &quot;deny&quot; rule somewhere, whereas its Russian translation does not.
</div>


<div>
<div class="content wysiwyg-content">
Hello! I wrote stored procedure 'SubmitPayment' and want to give rigth on execution to another user, called 'teller'.<br />
Firstly, I did this through configuration manager.<br />
When this didn't help, I made query:<br />
<br />
use billing &nbsp;<br />
grant execute on [dbo].[SubmitPayment] to teller<br />
<br />
Anyway, when I then connect as 'teller' and try to execute<br />
<br />
USE [Billing]<br />
GO<br />
DECLARE &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;@return_value int<br />
EXEC &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;@return_value = [dbo].[SubmitPayment]<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;@PaymentId = 31<br />
SELECT &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'Return Value' = @return_value<br />
GO<br />
<br />
I get this error:<br />
' 07@5H5=85 EXECUTE 70?@5I5=&gt; 4;O &gt;1J5:B0 &quot;SubmitPayment&quot;, 107K 40==KE &quot;Billing&quot;, AE5&lt;K &quot;dbo&quot;.'<br />
Which is in English: 'EXECUTE permission is forbidden for object &quot;SubmitPayment&quot;, database &quot;Billing&quot;'<br />
Under 'dbo' it works fine, but I need &nbsp;this to work with 'teller' rights.<br />

</div>
</div>


Hello! I wrote stored procedure 'SubmitPayment' and want to give rigth on execution to another user, called 'teller'.
Firstly, I did this through configuration manager.
When this didn't help, I made query:

use billing  
grant execute on [dbo].[SubmitPayment] to teller

Anyway, when I then connect as 'teller' and try to execute

USE [Billing]
GO
DECLARE	@return_value int
EXEC	@return_value = [dbo].[SubmitPayment]
		@PaymentId = 31
SELECT	'Return Value' = @return_value
GO

I get this error:
' 07@5H5=85 EXECUTE 70?@5I5=> 4;O >1J5:B0 "SubmitPayment", 107K 40==KE "Billing", AE5<K "dbo".'
Which is in English: 'EXECUTE permission is forbidden for object "SubmitPayment", database "Billing"'
Under 'dbo' it works fine, but I need  this to work with 'teller' rights.


Cannot grant EXECUTE on my stored procedure

Microsoft SQL Server is a suite of relational database management system (RDBMS) products providing multi-user database access functionality.SQL Server is available in multiple versions, typically identified by release year, and versions are subdivided into editions to distinguish between product functionality. Component services include integration (SSIS), reporting (SSRS), analysis (SSAS), data quality, master data, T-SQL and performance tuning.