?
Solved

db_denydatareader vs public access

Posted on 2013-10-22
3
Medium Priority
?
568 Views
Last Modified: 2013-11-04
with public access, the user can generally read something.. with db_denydatareader on a database, are we denying 100% read possibility - is that the reason to add this to an existing user?
0
Comment
Question by:25112
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 30

Assisted Solution

by:Alexandre Simões
Alexandre Simões earned 1000 total points
ID: 39593320
Short answer: Yes.

This will always override db_datareader, so a user that, for instance, belongs to 2 groups will see its read access denied if db_denydatareader is in at least one of them.

Try to avoid adding user specific permissions.
Creating groups will make roles management a lot easier.
0
 
LVL 13

Accepted Solution

by:
geek_vj earned 1000 total points
ID: 39596439
I believe you are talking about 'Public' server role.
If yes, then the logins which were assigned to public role will have access to system views (read access) where as members of the db_denydatareader fixed database role cannot read any data in the user tables within a database.

Hope this helps!
0
 
LVL 5

Author Comment

by:25112
ID: 39622430
thx!
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

     When we have to pass multiple rows of data to SQL Server, the developers either have to send one row at a time or come up with other workarounds to meet requirements like using XML to pass data, which is complex and tedious to use. There is a …
Ever needed a SQL 2008 Database replicated/mirrored/log shipped on another server but you can't take the downtime inflicted by initial snapshot or disconnect while T-logs are restored or mirror applied? You can use SQL Server Initialize from Backup…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question