Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Access in sql

Posted on 2013-06-11
8
Medium Priority
?
204 Views
Last Modified: 2013-07-10
I need to give db_owner access to one person present in the AD group which has db_reader access in sql server.Is this is possible?

And I need to deny access to one person in the ad group which has db_owner access.
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 10

Expert Comment

by:Matt Bowler
ID: 39239884
Not within SQL Server unfortunately. SQL Server can determine whether a user is a member of the group or not - but all permissions/privileges are mapped at a SQL Server login and user level. So if you're using a group as a SQL Server login then it's all or nothing I'm afraid.

You'll need to break open the group at an AD level.
0
 
LVL 23

Expert Comment

by:Racim BOUDJAKDJI
ID: 39239931
Why don't you simply create an group for OWNERS and a group for READERS and map them to two separate logins.  Then you can simply put whoever you want anywhere you want depending on what credentials you want to assign.
0
 
LVL 5

Author Comment

by:VIVEKANANDHAN_PERIASAMY
ID: 39240683
No experts, When i did my SQL admin certification, somewhere i remeber it's possible.But not sure.
Atleast i beleieve we can restrict the access.

>>And I need to deny access to one person in the ad group which has db_owner access<<
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 23

Expert Comment

by:Racim BOUDJAKDJI
ID: 39240701
No experts, When i did my SQL admin certification, somewhere i remeber it's possible.But not sure.
Atleast i beleieve we can restrict the access.

Perhaps but that would be a security hack.  

I advise you to do as MattSQL and I suggested to map credential to groups by breaking them down into OWNERS and READERS then assign users to them in an additive way.  The only thing left to do then is to add users to either of these groups based on the level of credential you want to give them: it will be much easier to update than your current policy scheme.

Hope this helps.
0
 
LVL 5

Author Comment

by:VIVEKANANDHAN_PERIASAMY
ID: 39242069
Hello Racimo,

I knew about the alter method.Just eager to know if there is way to do it.
0
 
LVL 10

Accepted Solution

by:
Matt Bowler earned 2000 total points
ID: 39242720
I had a client who required the same sort of security setup and I spent some time investigating and testing various options. Basically the granularity of SQL Security principals stops at SQL users. If you want to configure separate permission levels - you need separate users/logins.
0
 
LVL 5

Author Comment

by:VIVEKANANDHAN_PERIASAMY
ID: 39300765
Need some more tim to investigate
0
 
LVL 10

Expert Comment

by:Matt Bowler
ID: 39316195
Has this been resolved?
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes a method of delivering Word templates for use in merging Access data to Word documents, that requires no computer knowledge on the part of the recipient -- the templates are saved in table fields, and are extracted and install…
Traditionally, the method to display pictures in Access forms and reports is to first download them from URLs to a folder, record the path in a table and then let the form or report pull the pictures from that folder. But why not let Windows retr…
Using Microsoft Access, learn some simple rules for how to construct tables in a relational database. Split up all multi-value fields into single values: Split up fields that belong to other things into separate tables: Make sure that all record…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question