User Permission

  • Hi everybody,

    i have created new login called 'rachid' in my SQL Server 2008 instance.

    after added it to 'Public' Server Role.

    I have a database called MyDB.

    i created a user 'rachid' for the login rachid.

    I added this user to Database Role :db_datareader

    -----------------------------------------------------

    As i wanted this user to see only and just only the database MyDB

    I executed this script:

    USE master

    DENY VIEW ANY DEFINITION TO 'rachid'

    Oki,now the user rachid doesnt see all database except the two system database 'master' and 'tempdb'

    1-Why he can still see master and tempdb (is it because he belonngs to server role public?)?

    ------------------------------------------------------------------------------

    To allow the user rachid to see the database MyDB

    i executed the script :

    USE MyDB

    GRANT VIEW DEFINITION TO rachid

    but the user rachid can't still even see the database MyDB

    2-how can i afford the user rachid to see only the database myDB?

    Thank you for advance,

    Rachid

    [/b][/b]

  • I think the Deny permissions you have applied at the server level override any explicitly granted permissions at the database level. Basically the lowest level permissions apply. I think you might have to remove the server deny permissions and do the deny permissions at the database level in order to achieve what you want.

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply