Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

db_denydatareader vs public access

Posted on 2013-10-22
3
520 Views
Last Modified: 2013-11-04
with public access, the user can generally read something.. with db_denydatareader on a database, are we denying 100% read possibility - is that the reason to add this to an existing user?
0
Comment
Question by:25112
3 Comments
 
LVL 30

Assisted Solution

by:Alexandre Simões
Alexandre Simões earned 250 total points
ID: 39593320
Short answer: Yes.

This will always override db_datareader, so a user that, for instance, belongs to 2 groups will see its read access denied if db_denydatareader is in at least one of them.

Try to avoid adding user specific permissions.
Creating groups will make roles management a lot easier.
0
 
LVL 13

Accepted Solution

by:
geek_vj earned 250 total points
ID: 39596439
I believe you are talking about 'Public' server role.
If yes, then the logins which were assigned to public role will have access to system views (read access) where as members of the db_denydatareader fixed database role cannot read any data in the user tables within a database.

Hope this helps!
0
 
LVL 5

Author Comment

by:25112
ID: 39622430
thx!
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SSRS 2013 - Creating a summarized report 19 49
Separate 2 comma delimited columns into separate rows 2 41
Present Absent from working date rage 11 37
tempdb log keep growing 7 33
Naughty Me. While I was changing the database name from DB1 to DB_PROD1 (yep it's not real database name ^v^), I changed the database name and notified my application fellows that I did it. They turn on the application, and everything is working. A …
In this article I will describe the Copy Database Wizard method as one possible migration process and I will add the extra tasks needed for an upgrade when and where is applied so it will cover all.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question