[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

permission to run "execute as"

Posted on 2010-08-27
10
Medium Priority
?
294 Views
Last Modified: 2012-05-10
what permissions are needed to run the above clause?

thanks
0
Comment
Question by:anushahanna
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 143

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 668 total points
ID: 33542629
see here in the docs:
http://technet.microsoft.com/en-us/library/ms188354.aspx

  Permissions

To execute a module specified with EXECUTE AS, the caller must have EXECUTE permissions on the module.

To execute a CLR module specified with EXECUTE AS that accesses resources in another database or server, the target database or server must trust the authenticator of the database from which the module originates (the source database). For more information about how to establish authenticator trust, see Extending Database Impersonation by Using EXECUTE AS.

To specify the EXECUTE AS clause when you create or modify a module, you must have IMPERSONATE permissions on the specified principal and also permissions to create the module. You can always impersonate yourself. When no execution context is specified or EXECUTE AS CALLER is specified, IMPERSONATE permissions are not required.

To specify a login_name or user_name that has implicit access to the database through a Windows group membership, you must have CONTROL permissions on the database.

Open in new window

0
 
LVL 60

Assisted Solution

by:chapmandew
chapmandew earned 1332 total points
ID: 33542630
impersonation permissions are required.
0
 
LVL 6

Author Comment

by:anushahanna
ID: 33543258
what is a 'module' in this context? what about in a tSQL window in SSMS- what category is that?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 6

Author Comment

by:anushahanna
ID: 33543260
>>impersonation permissions are required.
can you give that in a grant statement?
0
 
LVL 60

Expert Comment

by:chapmandew
ID: 33544309
sure:

USE master;
GRANT IMPERSONATE ON LOGIN::WanidaBenshoof to [AdvWorks\YoonM];
GO
0
 
LVL 6

Author Comment

by:anushahanna
ID: 33544471
OK. Thanks.

In this case, what role/permissions does WanidaBenshoof have he is able to share with YoonM?
0
 
LVL 60

Expert Comment

by:chapmandew
ID: 33544486
that account may have admin/special permissions that you want yoonM to be able to execute
0
 
LVL 6

Author Comment

by:anushahanna
ID: 33544590
OK. What if you do not want yoonM to have sa privileges but just be able to use"execute as" in his query?
0
 
LVL 60

Assisted Solution

by:chapmandew
chapmandew earned 1332 total points
ID: 33544605
allow them to impersonate a user w/ the permissions you want to mimic
0
 
LVL 6

Author Comment

by:anushahanna
ID: 33544639
could you do selective permissions on the impersonate command
what would you change in the following to just give that permissions to YoonM, and not anything else special?

USE master;
GRANT IMPERSONATE ON LOGIN::WanidaBenshoof to [AdvWorks\YoonM];
GO
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
Using examples as well as descriptions, and references to Books Online, show the different Recovery Models available in SQL Server and explain, as well as show how full, differential and transaction log backups are performed
Viewers will learn how to use the INSERT statement to insert data into their tables. It will also introduce the NULL statement, to show them what happens when no value is giving for any given column.

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question