Rights require performing DB user administration in SQL2K SP4

  • A user administration group is made responsible for creating users and providing the rights including DB rights. We (DBA) asked to provide the minimum required rights to do this work. I have provided the group "Server Role" = "Security Admin", DB Role as db_securityadmin and db_accessadmin. Still the group is not able to provide fixed db role rights as db_datareader /db_datawriter. We have Sqlserver 2000 SP4. I am little reluctant to provide the DBO rights to the group. Any help or solution to overcome this problem is highly appreciated.

  • Despite what is implied about db_securityadmin in BOL, only members of sysadmin and db_owner can add members to fixed database roles.  db_securityadmin can only add members to user-defined database roles.  There's a workaround in this article:

    http://www.sqlservercentral.com/columnists/bkelley/sqlserversecurityfixeddatabaseroles.asp

    Look for the section called, "Issues with Fixed Database Roles".

    Greg

    Greg

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply