Solved

Security issue in SQL: How to hide  System Databases from certain users

Posted on 2010-09-06
5
370 Views
Last Modified: 2012-06-27
I am using SQL server 2008 . For securit reasons, I want  to restrict certain users' access  to a single database so that they can only see the ABCDatabase in Management studio once logged in.

And to achieve that:

1- I have created a new user.

2- Denied View all database rights to that user.

3-Set that user as Owner of ABCDatabase


Now on login that user cannot see other databases but is still able to see the system databases.

How can i hide those system databases from that user?

0
Comment
Question by:davnhm
  • 3
  • 2
5 Comments
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 33610024
0
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 33610030
>but is still able to see the system databases.
sorry...
but you cannot hide those. they contain the meta-data that the user will need to query anyhow to see permissions etc .
0
 

Author Comment

by:davnhm
ID: 33610255
Thanks Angelll, but I am not entirely following you. What I need to do is give the user limited access to one database. I also want to remove any risk of them being able to access further databases. That is why I did not want them to see the system/security databases.

Is it possible to give such access to a single database without compromising security for the rest?
0
 
LVL 143

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 500 total points
ID: 33610318
>That is why I did not want them to see the system/security databases.
you cannot do that.

>Is it possible to give such access to a single database without compromising security for the rest?
seing the system/security db not comprimise anything else, as with limited permissions, the use cannot "do" anything more than seeing eventually that other databases existed: the user won't be able to connect to those databases, given that the login has not been mapped to those other databases, and does not have server role that would allow him to do so anyhow (aka sysadm)
0
 

Author Closing Comment

by:davnhm
ID: 33610363
Very helpful.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SQL Server Results to Excel File 18 73
SQL query for highest sequence 4 59
MSSQL join different row from other table 14 65
SQL Server Trigger 8 33
This article explains how to reset the password of the sa account on a Microsoft SQL Server.  The steps in this article work in SQL 2005, 2008, 2008 R2, 2012, 2014 and 2016.
Ever needed a SQL 2008 Database replicated/mirrored/log shipped on another server but you can't take the downtime inflicted by initial snapshot or disconnect while T-logs are restored or mirror applied? You can use SQL Server Initialize from Backup…
Familiarize people with the process of retrieving data from SQL Server using an Access pass-thru query. Microsoft Access is a very powerful client/server development tool. One of the ways that you can retrieve data from a SQL Server is by using a pa…
Via a live example, show how to setup several different housekeeping processes for a SQL Server.

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question