February 3, 2023 at 10:01 pm
Hi friends,
So I have a Login to a server that is a windows user group, containing several users. I've set that login's Server Roles as 'public' and 'sysadmin'
This same login is set as a user to a database, and their memberships are just 'datareader' and 'datawriter'
I'm trying to stop their ability to update a specific table. Under the 'Securables' tab for this user, I've added the table in question, and selected the 'Deny' checkbox for UPDATE. This seems to have absolutely no effect, as anyone using that login can still update that table. I've tried it with SELECT as well, and same result -- any user in this group can execute a select statement on this table.
Am I missing something basic? Is the fact that this is a windows user group causing an issue perhaps? Any insight would be greatly appreciated. Thank You.
February 3, 2023 at 10:10 pm
you are doing what should never be done - setting the users/group as sysadmin - there is never any need for anyone other than DBA's to have sysadmin.
As sysadmin you can't be DENY'ed anything on the server or databases .
February 3, 2023 at 10:15 pm
Ahhhhhh! Thank You!
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply