?
Solved

permission to run "execute as"

Posted on 2010-08-27
10
Medium Priority
?
288 Views
Last Modified: 2012-05-10
what permissions are needed to run the above clause?

thanks
0
Comment
Question by:anushahanna
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 143

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 668 total points
ID: 33542629
see here in the docs:
http://technet.microsoft.com/en-us/library/ms188354.aspx

  Permissions

To execute a module specified with EXECUTE AS, the caller must have EXECUTE permissions on the module.

To execute a CLR module specified with EXECUTE AS that accesses resources in another database or server, the target database or server must trust the authenticator of the database from which the module originates (the source database). For more information about how to establish authenticator trust, see Extending Database Impersonation by Using EXECUTE AS.

To specify the EXECUTE AS clause when you create or modify a module, you must have IMPERSONATE permissions on the specified principal and also permissions to create the module. You can always impersonate yourself. When no execution context is specified or EXECUTE AS CALLER is specified, IMPERSONATE permissions are not required.

To specify a login_name or user_name that has implicit access to the database through a Windows group membership, you must have CONTROL permissions on the database.

Open in new window

0
 
LVL 60

Assisted Solution

by:chapmandew
chapmandew earned 1332 total points
ID: 33542630
impersonation permissions are required.
0
 
LVL 6

Author Comment

by:anushahanna
ID: 33543258
what is a 'module' in this context? what about in a tSQL window in SSMS- what category is that?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 6

Author Comment

by:anushahanna
ID: 33543260
>>impersonation permissions are required.
can you give that in a grant statement?
0
 
LVL 60

Expert Comment

by:chapmandew
ID: 33544309
sure:

USE master;
GRANT IMPERSONATE ON LOGIN::WanidaBenshoof to [AdvWorks\YoonM];
GO
0
 
LVL 6

Author Comment

by:anushahanna
ID: 33544471
OK. Thanks.

In this case, what role/permissions does WanidaBenshoof have he is able to share with YoonM?
0
 
LVL 60

Expert Comment

by:chapmandew
ID: 33544486
that account may have admin/special permissions that you want yoonM to be able to execute
0
 
LVL 6

Author Comment

by:anushahanna
ID: 33544590
OK. What if you do not want yoonM to have sa privileges but just be able to use"execute as" in his query?
0
 
LVL 60

Assisted Solution

by:chapmandew
chapmandew earned 1332 total points
ID: 33544605
allow them to impersonate a user w/ the permissions you want to mimic
0
 
LVL 6

Author Comment

by:anushahanna
ID: 33544639
could you do selective permissions on the impersonate command
what would you change in the following to just give that permissions to YoonM, and not anything else special?

USE master;
GRANT IMPERSONATE ON LOGIN::WanidaBenshoof to [AdvWorks\YoonM];
GO
0

Featured Post

Learn how to optimize MySQL for your business need

With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
In part one, we reviewed the prerequisites required for installing SQL Server vNext. In this part we will explore how to install Microsoft's SQL Server on Ubuntu 16.04.
Using examples as well as descriptions, and references to Books Online, show the documentation available for date manipulation functions and by using a select few of these functions, show how date based data can be manipulated with these functions.
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question