how to secure SSISConfigurations table with ssis configuration details. URGENT HELP REQUIRED!!!!!!!!!!!!!!



Hi,

I want to assign  permissions to select, update and write (means all) SSISConfigurations table which contains ssis connection strings and connection passwords to only a user abc and sqlAgent login which would use it while running ssis package which is deployed to sql server.

Can you please tell me the process to secure this table so no one except the authorized user can open it or view it.

URGENT HELP REQUIRED!!!!!!!!!!!!!!!!

Thanks.
ezkhanAsked:
Who is Participating?
 
Jason Yousef, MSConnect With a Mentor Sr. BI  DeveloperCommented:
Hello,
You can restrict users using ROLES, or you can on views and schemas.
so you can create views of the table and restrict access to them.

or create new schema for each user and create his table under it.

take a look at this website.
http://www.techrepublic.com/article/understanding-roles-in-sql-server-security/1061781

http://vyaskn.tripod.com/sql_server_security_best_practices.htm

http://beginner-sql-tutorial.com/sql-grant-revoke-privileges-roles.htm

http://www.sqlservercentral.com/Forums/Topic490100-359-1.aspx

Hope that helps
Jason

0
 
lcohanConnect With a Mentor Database AnalystCommented:
You need to EXPLICITELY revoke ALL rights against that databse table for ALL users/roles in the sql database then grant select, update on SSISConfigurations to abc.
Exception to the rule would be any user in the sysadmin server role  on the SQL server.

Here's one script you can run against the DB - just put the object name at the end instead of 'clients'
to help you gett all permissions on that object then script to REVOKE all you want to restrict:

select
 sysusers.name as username, sysusers.gid,
 sysobjects.name as objectname, sysobjects.id,
 CASE WHEN sysprotects_1.action is null THEN CASE WHEN sys.sysobjects.xtype = 'P' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'SELECT',
 CASE WHEN sysprotects_2.action is null THEN CASE WHEN sys.sysobjects.xtype = 'P' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'INSERT',
 CASE WHEN sysprotects_3.action is null THEN CASE WHEN sys.sysobjects.xtype = 'P' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'UPDATE',
 CASE WHEN sysprotects_4.action is null THEN CASE WHEN sys.sysobjects.xtype = 'P' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'DELETE',
 CASE WHEN sysprotects_5.action is null THEN CASE WHEN sys.sysobjects.xtype = 'U' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'EXECUTE'
from
 sys.sysusers
 full join sys.sysobjects on ( sysobjects.xtype in ( 'P', 'U' ) and sysobjects.Name NOT LIKE 'dt%' )
 left join sys.sysprotects as sysprotects_1
  on sysprotects_1.uid = sysusers.uid and sysprotects_1.id = sysobjects.id and sysprotects_1.action = 193 and sysprotects_1.protecttype in ( 204, 205 )
 left join sys.sysprotects as sysprotects_2
  on sysprotects_2.uid = sysusers.uid and sysprotects_2.id = sysobjects.id and sysprotects_2.action = 195 and sysprotects_2.protecttype in ( 204, 205 )
 left join sys.sysprotects as sysprotects_3
  on sysprotects_3.uid = sysusers.uid and sysprotects_3.id = sysobjects.id and sysprotects_3.action = 197 and sysprotects_3.protecttype in ( 204, 205 )
 left join sys.sysprotects as sysprotects_4
  on sysprotects_4.uid = sysusers.uid and sysprotects_4.id = sysobjects.id and sysprotects_4.action = 196 and sysprotects_4.protecttype in ( 204, 205 )
 left join sys.sysprotects as sysprotects_5
  on sysprotects_5.uid = sysusers.uid and sysprotects_5.id = sysobjects.id and sysprotects_5.action = 224 and sysprotects_5.protecttype in ( 204, 205 )
where -- sys.sysusers.name = 'beny'            -- by USER
            sysobjects.name = 'clients'      -- by OBJECT
order by
 sysusers.name, sysobjects.name

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.