Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Simplifying security on SQL Server 2008 R2.

Posted on 2011-03-25
2
Medium Priority
?
544 Views
Last Modified: 2012-05-11
Hi.

I'm using SQL Server 2008 R2 (it's the Dev Ed on my Dev Svr).

I have a DB which is under development.

I use Windows Authentication.

I want to allow all users access to the stored procedures and views for the DB.

What is the simplest way to do this please?

I have the sysadmin role (only because I am the developer on the dev svr - not really a proper admin) and I've manually allowed one other user access to the SPs (ticking the execute option for the SPs for that user). I don't have any views yet.

I know I can do this for each user, but I'm quite happy to simply allow all authenticated users access. The app is both an Excel spreadsheet and a PHP developed web app.

When I add new SPs and views, can these inherit the permissions? Or do I need to add a security setting.

TIA,

Richard.
0
Comment
Question by:Richard Quadling
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 4

Accepted Solution

by:
qasim_md earned 2000 total points
ID: 35213927
You have to generate a script with this SQL and execute it in the SQL window::::

select 'GRANT VIEW DEFINITION ON '+ name +  ' TO [User_Name]' from [Database_name]..sysobjects where type = 'P'
select 'GRANT VIEW DEFINITION ON '+ name +  ' TO [User_Name]' from [Database_name]..sysobjects where type = 'VW'

Example:
GRANT VIEW DEFINITION ON sp_update_LpsPrime_tbl_payments_1000000_rest TO [marketing]

Let me know if it helped ?
0
 
LVL 40

Author Comment

by:Richard Quadling
ID: 35214009
Aha.

So, I can create a DB Role, add the appropriate Active Directories user groups to the role and then use ...


select 'GRANT EXECUTE ON [Database_name].dbo.'+ name +  ' TO [db_ExecuteView]' from [Database_name]..sysobjects where type = 'P' and name like 'RAQ_%'
select 'GRANT SELECT ON [Database_name].dbo.'+ name +  ' TO [db_ExecuteView]' from [Database_name]..sysobjects where type = 'VW' and name like 'RAQ_%'

The sql that the above script outputs runs without issue.

And seems to be OK!
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article covers the basics of data encryption, what it is, how it works, and why it's important. If you've ever wondered what goes on when you "encrypt" data, you can look here to build a good foundation for your personal learning.
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question