guidelines for appropriate roles & permissions

  • I'm setting up a new sql 2005 server in a production environment. We have a team of "data analysts" who's job is to write SQL queries and reports, DTS packages, etc.

    What roles & permissions should this group have? Are there any guidelines or best practices published somewhere that will guide me to help give them all the permissions they need, but restrict them from being system administrators?

    Any help is greatly appreciated.

  • If all they are doing is queries, then dbdatareader role in the database they need to see the data in should suffice if you want to make it easy. If you want to make it as secure as possible, then you need to identify specific objects that they need access to query and then create a custom role that has SELECT granted on those objects. It really depends on the scope of what they should or should not be able to see or touch.

    Jonathan Kehayias | Principal Consultant | MCM: SQL Server 2008
    My Blog | Twitter | MVP Profile
    Training | Consulting | Become a SQLskills Insider
    Troubleshooting SQL Server: A Guide for Accidental DBAs[/url]

  • Also if no. of members are more than you can create application role and grant permission to perticular role for easy and uniform administration. and assign the db user specific application role.

    ---------------------------------------------------
    "Thare are only 10 types of people in the world:
    Those who understand binary, and those who don't."

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply