November 10, 2014 at 9:07 pm
Hi,
We are currently running our databases under a users account as the 'Database Owner' as well as our jobs.
I'm wanting to change this to a seperate account so that if this user were to leave the jobs and databases still work once the accounts disabled.
Can you please clarify for me what would happen if the database owner was running as an account which was then disabled?
Also what permissions are needed to be set on the database owner account? And can I run this as a user account on a different domain? I'm wanting to setup a special account that's the owner of all jobs and databases that's not a users account and on a different domain.
Thanks.
November 11, 2014 at 4:05 am
cstrati (11/10/2014)
Can you please clarify for me what would happen if the database owner was running as an account which was then disabled?
From memory, nothing. If the user were deleted from AD it may be a different story
cstrati (11/10/2014)
Also what permissions are needed to be set on the database owner account?
None, the user maps in as the built in database user dbo and can perform any action in the database.
cstrati (11/10/2014)
And can I run this as a user account on a different domain? I'm wanting to setup a special account that's the owner of all jobs and databases that's not a users account and on a different domain.Thanks.
If you have a trust between the domains you may use accounts from one domain to authenticate on resources in another domain.
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
November 17, 2014 at 10:46 am
Somewhat in line with the original question, I have a user whose login is used by the dbo user on a few databases. Consequently, that user has permissions they should not have. How can the dbo user be set to use a different login?
November 17, 2014 at 11:08 am
jpbankston (11/17/2014)
Somewhat in line with the original question, I have a user whose login is used by the dbo user on a few databases. Consequently, that user has permissions they should not have. How can the dbo user be set to use a different login?
You have it backwards. "dbo" does not use a login.
A login or user can have dbo rights assigned to them. Find the user in question in SSMS, under the security, logins. Right click the user, and pick properties. Look at the server roles first. Check is this user has been assigned to a different role than public. Then, check the user mappings. and look at each database. This user has likely been granted "dbo" in the databases.
Read this series
http://www.sqlservercentral.com/stairway/110890/
Also, you probably should have created a new post.
Michael L John
If you assassinate a DBA, would you pull a trigger?
To properly post on a forum:
http://www.sqlservercentral.com/articles/61537/
November 17, 2014 at 12:02 pm
Clearly I misunderstood my own situation, thank you for the clarification and information. In hindsight I agree and will post a new thread if I need further help.
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply