Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers. It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.
Solved
Security issue in SQL: How to hide System Databases from certain users
Posted on 2010-09-06
I am using SQL server 2008 . For securit reasons, I want to restrict certain users' access to a single database so that they can only see the ABCDatabase in Management studio once logged in.
And to achieve that:
1- I have created a new user.
2- Denied View all database rights to that user.
3-Set that user as Owner of ABCDatabase
Now on login that user cannot see other databases but is still able to see the system databases.
How can i hide those system databases from that user?
And to achieve that:
1- I have created a new user.
2- Denied View all database rights to that user.
3-Set that user as Owner of ABCDatabase
Now on login that user cannot see other databases but is still able to see the system databases.
How can i hide those system databases from that user?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3-
2
5 Comments
>but is still able to see the system databases.
sorry...
but you cannot hide those. they contain the meta-data that the user will need to query anyhow to see permissions etc .
sorry...
but you cannot hide those. they contain the meta-data that the user will need to query anyhow to see permissions etc .
Thanks Angelll, but I am not entirely following you. What I need to do is give the user limited access to one database. I also want to remove any risk of them being able to access further databases. That is why I did not want them to see the system/security databases.
Is it possible to give such access to a single database without compromising security for the rest?
Is it possible to give such access to a single database without compromising security for the rest?
>That is why I did not want them to see the system/security databases.
you cannot do that.
>Is it possible to give such access to a single database without compromising security for the rest?
seing the system/security db not comprimise anything else, as with limited permissions, the use cannot "do" anything more than seeing eventually that other databases existed: the user won't be able to connect to those databases, given that the login has not been mapped to those other databases, and does not have server role that would allow him to do so anyhow (aka sysadm)
you cannot do that.
>Is it possible to give such access to a single database without compromising security for the rest?
seing the system/security db not comprimise anything else, as with limited permissions, the use cannot "do" anything more than seeing eventually that other databases existed: the user won't be able to connect to those databases, given that the login has not been mapped to those other databases, and does not have server role that would allow him to do so anyhow (aka sysadm)
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
What if you have to shut down the entire Citrix infrastructure for hardware maintenance, software upgrades or "the unknown"? I developed this plan for "the unknown" and hope that it helps you as well. This article explains how to properly shut down …
Ready to get certified? Check out some courses that help you prepare for third-party exams.
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
Viewers will learn how to use the SELECT statement in SQL to return specific rows and columns, with various degrees of sorting and limits in place.
Suggested Courses
Course of the Month6 days, 3 hours left to enroll
688 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.