Results 1 to 3 of 3
  1. #1
    Join Date
    Dec 2002
    Location
    Préverenges, Switzerland
    Posts
    3,740

    Unanswered: sp_grant etc for non-dbo

    my front-end has all the sp_grantlogin, sp_defaultdb, sp_grantdbaccess, sp_addrolemember etc stuff working smoothly off a form ...for db_owner

    is there a way for me to grant (?? temporary) permissions for a subset of users to run just these sp_ while the front-end runs the add user process? i do not want these users to have general db_owner access to the server since there is nothing else they should be doing at server level.

    the subset of users is already identified at client (accessLevel > 3) & server (role = userAdmin)

    thanks for any thoughts

    izy
    currently using SS 2008R2

  2. #2
    Join Date
    Feb 2004
    Location
    San Antonio, TX
    Posts
    565
    you can create an application role
    and assign it to the app that executes the sp's
    when you access that app, the role's permissions are the effective permissions.
    then when the user connects with their account through the main app, their permissions are effective.

    books online {Establishing Application Security and Application Roles}

  3. #3
    Join Date
    Dec 2002
    Location
    Préverenges, Switzerland
    Posts
    3,740
    i read and digested BOL on the topic.
    thinking...........

    thanks a lot for the reply, izy
    currently using SS 2008R2

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •