February 19, 2008 at 10:27 am
Under SQL Server 2000, our corporate security group was granted the sysadmin role in order to managed logins and db access. In 2005, we would like to grant them the securityadmin role, however, when we grant a login this role, they can create a login, but cannot grant it db access or assign db_roles. BOL says that the secorityadmin role should be able to manage db access and roles. The error we get says that the securityadmin login cannot access a database under the current security context. Has anyone else had this problem, or are we missing something?
February 28, 2008 at 9:08 am
You add them to the security admin group in the database. That should be fine.
Cheers,
Sugeshkumar Rajendran
SQL Server MVP
http://sugeshkr.blogspot.com
February 28, 2008 at 9:19 am
In BOL it says:
Members of the securityadmin fixed server role manage logins and their properties. They can GRANT, DENY, and REVOKE server-level permissions. They can also GRANT, DENY, and REVOKE database-level permissions. Additionally, they can reset passwords for SQL Server logins.
Why, then, do we have to grant the login the db_securityadmin role in each database?
February 29, 2008 at 9:22 am
Is this sorted out or still having issues?
Cheers,
Sugeshkumar Rajendran
SQL Server MVP
http://sugeshkr.blogspot.com
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply