Denying the DB Scripting...

  • Hi Experts,

    I have an issue with the Newly created Login,

    The Login is able to view the Script of the Database by using the below

    Right Click --->Script Database As --->Create To ---->New Query Editor Window, here he can able to view the DB Created Script , Filenames , SIZE, MAXSIZE , FILEGROWTH and all the Properties.

    If i want to Deny that option to the Login means what can i do?

    PFA....

    Regards
    Chowdary...

  • someone must have granted 'view definition TO ...' ;

    e.g. to public ( not my favorite ! )

    try:

    deny view definition TO [ThatSpecificUser]

    Johan

    Learn to play, play to learn !

    Dont drive faster than your guardian angel can fly ...
    but keeping both feet on the ground wont get you anywhere :w00t:

    - How to post Performance Problems
    - How to post data/code to get the best help[/url]

    - How to prevent a sore throat after hours of presenting ppt

    press F1 for solution, press shift+F1 for urgent solution 😀

    Need a bit of Powershell? How about this

    Who am I ? Sometimes this is me but most of the time this is me

  • Hi Johan,

    Thanks for your response...

    I had tried that "deny view definition to Login_Name" but still that user can see the Definition of the Database only.

    i had denied all the Object under that DB but i need to deny the DB Script to that login....

    Regards
    Chowdary...

  • is the user member of any powerful instance level security group(s) or has the account been granted things 'on any database' ?

    Johan

    Learn to play, play to learn !

    Dont drive faster than your guardian angel can fly ...
    but keeping both feet on the ground wont get you anywhere :w00t:

    - How to post Performance Problems
    - How to post data/code to get the best help[/url]

    - How to prevent a sore throat after hours of presenting ppt

    press F1 for solution, press shift+F1 for urgent solution 😀

    Need a bit of Powershell? How about this

    Who am I ? Sometimes this is me but most of the time this is me

  • is the user member of any powerful instance level security group(s) or has the account been granted things 'on any database' ?

    No,The User don't have any Instance level security and he don't have access on any other databases.

    >On only one database he is having the access that to db_datareader role.

    Regards
    Chowdary...

  • apparently just being member of 'public' on a database is enough to be able to script the create database statement. :crazy:

    Johan

    Learn to play, play to learn !

    Dont drive faster than your guardian angel can fly ...
    but keeping both feet on the ground wont get you anywhere :w00t:

    - How to post Performance Problems
    - How to post data/code to get the best help[/url]

    - How to prevent a sore throat after hours of presenting ppt

    press F1 for solution, press shift+F1 for urgent solution 😀

    Need a bit of Powershell? How about this

    Who am I ? Sometimes this is me but most of the time this is me

  • For sp_help we will do "deny exec sp_help to public" ,

    And for Deny View i used the following

    "Deny view definition to public" and tried but it doesn't work. :hehe:

    Regards
    Chowdary...

  • Chowdary's (9/22/2014)


    The Login is able to view the Script of the Database by using the below

    Right Click --->Script Database As --->Create To ---->New Query Editor Window, here he can able to view the DB Created Script , Filenames , SIZE, MAXSIZE , FILEGROWTH and all the Properties.

    If i want to Deny that option to the Login means what can i do?

    Try this.

    DENY SELECT ON sys.extended_properties TO [LoginName]

  • Thank you Mr.Suneel,

    Its worked for me,But am not able to view the tables which are there under the DB.Before executing the query which you have given i can able to view.

    Regards
    Chowdary...

Viewing 9 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic. Login to reply