August 22, 2003 at 7:05 am
Hi,
I have a group of users that are security admins and can grant/deny logins, add users, but NOT drop users/logins.
How do I allow them to reset passwords for ANY logins on sql server without giving them sysadmin rights.
is there a way i can assign them just 1 stored procedure like sp_password with sysadmin priviledges.
Any help will be greatly appreciated.
DBA in need.
August 22, 2003 at 7:07 am
Execute permissions default to the public role for a user changing the password for his or her own login. Members of the securityadmin and sysadmin fixed server roles can change the password for another user's login.
August 22, 2003 at 7:09 am
SysAdmins can change any password without having to know the old password
Securityadmin needs to know the old password to be able to change it, but they can setup new passwords.
Steven
August 22, 2003 at 10:17 am
Thanks to both of you !! It helped.
August 25, 2003 at 6:10 am
Is it possible to assign security admin, permissions to reset password for any login, w/o knowing the old password. For instance giving sysadmin permissions to sp_password stored procedure and grant execute to security admin.
August 25, 2003 at 9:25 am
if you are running sp_password, you can use NULL for the old password.
Steve Jones
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply