Results 1 to 2 of 2
  1. #1
    Join Date
    Nov 2002
    Posts
    19

    Thumbs up Unanswered: <b>Help me once more</b>

    Hi knights,

    Pls show me the way to prevent the other users seeing all database names when they logon into SQL Server. Thnks in advance!

  2. #2
    Join Date
    Dec 2002
    Posts
    1,245
    If they are using Windows authentication [preferred]:

    1. Group users into a Windows Domain Security group (NT admin)
    2. Add NT Group to SQL Server Logins (using EM or sp_AddLogin)
    2a. Select a default database (using EM or sp_AddLogin, @defdb)
    3. Grant the NT Group access to the desired database(s) (using EM or sp_grantdbaccess)
    4. Either assign the NT Group to an appropriate standard database role (eg db_datareader) or a custom role that you create.
    5. Done

    Alternatively, you could assign SELECT, UPDATE, DELETE, EXECUTE privileges directly to the NT Group, but it's not strictly considered a "best practice".

    If the are using SQL authentication [not preferred]:

    1. Create individual SQL user accounts using EM or sp_AddLogin
    2. Select a default database (using EM or sp_AddLogin, @defdb)
    3. Grant each user access to the desired database(s) (using EM or sp_grantdbaccess)
    4. You MUST assign either a standard db role or a custom role; trying to manage individual permissions to individual logins can be REALLY hairy.

    If you are going to be using SQL authentication, I think you should:

    1. Consider scripting the user administration and using a front-end tool other than EM or QA.
    2. Be aware that the user names and passwords are sent out over the wire using a weak hashing algorithm that is easily defeated (ie, watch out for snoopers and definitely avoid the internet)


    HTH,

    hmscott

    Quote Originally Posted by bruce_nguyen
    Hi knights,

    Pls show me the way to prevent the other users seeing all database names when they logon into SQL Server. Thnks in advance!
    Have you hugged your backup today?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •