?
Solved

Grant full rights to only 1 database & not anything on other databases

Posted on 2012-09-07
5
Medium Priority
?
277 Views
Last Modified: 2012-09-22
Hi Friends,

I have a sql instance which has 5 databases.

I have one user requesting access to ONLY 1 database out of all 5.

Idea is to grant full rights to user to only 1 database & while all other dtabases user cann't even see.

It is also okay if user can't even access SSMS.
0
Comment
Question by:Minesh Shah
  • 3
  • 2
5 Comments
 
LVL 9

Assisted Solution

by:OCDan
OCDan earned 2000 total points
ID: 38377821
In SSMS  then Security (under databases)
Right click the logins folder and pick New Login
Choose either WindowsLogin (From AD)/SQL Server
Set the default database to whichever you want them to have access
Then Go to UserMapping - check map on the DB needed
Select what rights you want to give them on that DB
-(all of them will make it simpler for you)

Done
0
 
LVL 10

Author Comment

by:Minesh Shah
ID: 38385755
Thanks.
One thing always confuses me:
Does above 1 also requires to grant minimum permissions on SSMS> SEcurity section as well?
0
 
LVL 9

Expert Comment

by:OCDan
ID: 38385778
I generally do give read only access as habit,  so I can't say whether its needed or not
0
 
LVL 10

Accepted Solution

by:
Minesh Shah earned 0 total points
ID: 38408378
can be done, get the user in security of sql server with say 'public' access & add ur db in server roles.
then go to db & verify the particular user added above have owner permissions.
Done.
When this user access the db via ssms, he/she can view other db names but when clicked on any other access denied pop up appears.

Also,

Verification can be done using this script:

USE [master]
GO
CREATE LOGIN [Test] WITH PASSWORD=N'abc', DEFAULT_DATABASE=[DEV], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF
GO
USE [DEV]
GO
CREATE USER [test] FOR LOGIN [test]
GO
USE [DEV]
GO
ALTER USER [test] WITH DEFAULT_SCHEMA=[dbo]
GO
USE [DEV]
GO
EXEC sp_addrolemember N'db_owner', N'test'
GO
use [master]
GO
DENY VIEW ANY DATABASE TO [test]
GO


Now...The SQL Login 'test' would have FULL RIGHTS on DEV Database and cannot view/query any other userDB's.
0
 
LVL 10

Author Closing Comment

by:Minesh Shah
ID: 38424422
ok
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
An alternative to the "For XML" way of pivoting and concatenating result sets into strings, and an easy introduction to "common table expressions" (CTEs). Being someone who is always looking for alternatives to "work your data", I came across this …
Familiarize people with the process of retrieving data from SQL Server using an Access pass-thru query. Microsoft Access is a very powerful client/server development tool. One of the ways that you can retrieve data from a SQL Server is by using a pa…
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function
Suggested Courses

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question