Solved

Windows login that is trusted on SQL Server 2005

Posted on 2014-11-19
2
95 Views
Last Modified: 2014-11-26
I guess this is a two part issue but would like to know how to do this in one step. When I create a user on the windows server it creates the user and mailbox on the exchange server but would like for it to also create a user on the SQL server that has trusted rights to run crystal reports we have created. Currently I have to create a new user on the SQL server which has public role assigned to the user but want them to also be trusted so they can run the reports. Right now they have to use the SA login to run the reports and I don't like that. I have read I need to give the sysadmin role to that user but that is like letting them use the SA login. How can I do this in one step and what role on the sql server can I give them that allows them to be trusted but not make modifications on the database?
0
Comment
Question by:tparus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 50

Expert Comment

by:Vitor Montalvão
ID: 40452718
Create an AD group and give that group permissions on SQL Server instead of a single user. Then, new users will be added directly to the AD group and will have automatically access to SQL Server.
0
 
LVL 70

Accepted Solution

by:
Qlemo earned 500 total points
ID: 40452728
This is indeed two-fold:
a) How to best manage trusted new users in MSSQL
b) How to set up the privs correctly

a) assign those folks to a user group in AD, and make an assignment for that AD group in MSSQL
b) usually you need nothing else than the datareader and datawriter roles (or datareader for read-only access)
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question