Hi Everyone,

i have a MSSQL database server 2008, which is used and can be connected by my software developers for the development process. They all are using 'sa' account.
but i want to make one database where i can put my confidential info, and i want that database to be inaccessible to my developers.

how can i achieve that? Please describe me in steps so that i can follow easily.

Thank you Very much

Don't let them use the sa account!

• Create new SQL login for them to use
• Add them as windows authenticated users
• Add them to an AD group and grant the AD group access

NEVER give away sysadmin rights on a server. Neither should an application user have sysadmin rights, or an application run as sysadmin. These are horribly bad security practices

Developers at most should only have db_owner rights on the database(s) they are developing in.

If you are in a windows domain, use the following steps (elaborated from above)

1) In SQL Server Management Studio, create a new windows authenticated login on SQL Server from their Windows Login.
2) Under User Mappings, select the database they need to work in, and the db_owner role.