Post reply

End user needs to execute just ONE sproc

  • November 3, 2021 at 2:59 pm

    #3947522

    Hi all,

    As the title implies, Mr One-Sproc just needs to run that - and we don't want him having access to anything else.  I'm thinking the least effort way which is reasonably secure to abstract this is to set up a CMD/PS file that accepts his params and lets loose - no client SSMS, no lengthy login/training etc.

    TIA 🙂

  • November 3, 2021 at 3:09 pm

    #3947533

    Just grant execute to the proc and nothing else, no other role memberships, no read, no write etc just 1 plain execute

    GRANT EXECUTE ON [TheOneSproc] TO [MrOneSproc]

     

    Then they can use whatever client they want to execute the sproc

     

  • November 3, 2021 at 7:18 pm

    #3947652

    I agree with Aunt-Green but it may require you to add an "EXECUTE AS OWNER" to the stored procedure.  "It Depends".

    --Jeff Moden

    RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
    First step towards the paradigm shift of writing Set Based code:
    ________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

    Change is inevitable... Change for the better is not.

    Helpful Links:
    How to post code problems
    How to Post Performance Problems
    Create a Tally Function (fnTally)

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply