March 21, 2013 at 11:10 am
Hi everyone,
I was thinking of publishing some Table Reports with an online connection to my MSSQL server.
All of that works fine...
Now I was hoping to use my security groups to manage the access to the database.
When trying to use the security group as shown below it does not work - probably because that is only for users - however I was not able to find syntax for a group.
GRANT IMPERSONATE ON USER::[my_domain\gordon] to [my_domain\tableau];
Any advise is much appriciated.
Cheers,
Gordon
April 7, 2013 at 1:04 pm
Hi Gordon,
Unfortunately, this is not possible currently in SQL Server. SQL Server (for some reason) cannot read members out of the AD group configured as a login in SQL Server itself (both AD and SQL Server are Microsoft products, right :crazy: ?).
The impersonation is possible only when the impersonated login exists in sys.server_principals.
Check the similar topic at http://www.sqlservercentral.com/Forums/Topic1434100-1526-2.aspx.
April 7, 2013 at 1:11 pm
...just to add that the syntax for the login in fact completes successfully:
use master
go
GRANT IMPERSONATE ON login::[domain\Security Group] TO [domain\User]
go
but then, when launching EXECUTE AS to impersonate an individual login, a member of [domain/Security Group], SQL Server cannot identify it!
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply
This website stores cookies on your computer.
These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.
To find out more about the cookies we use, see our Privacy Policy