February 8, 2012 at 11:58 am
I created a role called Documenters in several databases. Then I created a login called TestDocumenter and mapped it to 3 different databases thereby creating 3 users (1 in each database). The role I created I gave db_datareaders and db_datawriters. I thought that would be the end of it.
But these users (TestDocumenters) CANNOT view the tables, etcs. until I explicitly add them to the db_datareader role, etc., even though TestDocumenters was added to those roles and the users were added to TestDocumenters. What am I missing here?
February 8, 2012 at 12:03 pm
I created a role called Documenters in several databases. Then I created a login called TestDocumenter and mapped it to 3 different databases thereby creating 3 users (1 in each database). The role I created I gave db_datareaders and db_datawriters. I thought that would be the end of it.
Did you assign the role Documenter to TestDocumenter user?
February 9, 2012 at 7:31 am
Thanks for the response. I finally got it. It is only scantily documented or explained as to what is happening here. The language is ambiguous. For example, if you create a role called Documenters, do you "give it" db_datareader and db_denywriter, or do you go to db_datareader and add db_datareader, etc., to it? What is actually a member of what? Is it a permission, effective permissions, a right, or a membership? And what do "owned schemas" have to do with it? This stuff also goes for logins and users, credentials, and related things. I wish there were more step by step instructions available, even with screenshots perhaps. I can understand if shown, but Microsoft is notorious for little usable documentation, few examples, and just repeating the "tool tip" statements in the help text.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply