groups in sql

  • hi all ,

    i've one doubt on groups in sql server .

    i want to create one group in sql server and for that group i have to assign only read,write and execute permissions to run application for end users .

    is it possible to manage like this?

    can any one help on this issue?

  • You can minimize the administrative work by using Roles.

    Create a Role and Give all the permissions to that role. Add the users to that role.

    Either you can give Execute, Insert, Update , Delete and Select Permissions to the schema level or object level (each object) to control this. Otherwise, grant the execute permission to the role add db_datareader and db_datewriter roles to the user.

    Cheers,
    Prithiviraj Kulasingham

    Plan to Test your Plan!

  • thanks for reply

    we have so many databases and also thousand of logins.

    creating roles in each and every database and assign logins to that db is some what difficultly ,

    previously i tryed and failed.

    i joined new to the company perviously no one was maintaining server.

    i am the first person.

  • It takes time and effort, but once you've done it, you're done. So it's a one time task and you just have to do it. There's no shortcut since it's not easy to determine what access you need.

    You should use roles and then it might be possible to script adding people to the roles, depending on what your requirements are.

  • ok thanks.

    that i'll do it..

  • If you want the same rights over all databases, you can also use sp_msForEachDB stored procedure. But if your need is different from database to database, you need to do it manually.

    Cheers,
    Prithiviraj Kulasingham

    Plan to Test your Plan!

  • I'd add one more level of abstraction to this: create one (or more) security groups, populate them with the users and add the groups to your roles. That way, you manage the question of WHO has permissions WHERE mostly at the Windows level, not the SQL level. Permissions of users being hired/fired in your organization will be transparently managed by your sysadmins, not the DBAs.

    __________________________________________________________________________________
    SQL Server 2016 Columnstore Index Enhancements - System Views for Disk-Based Tables[/url]
    Persisting SQL Server Index-Usage Statistics with MERGE[/url]
    Turbocharge Your Database Maintenance With Service Broker: Part 2[/url]

  • Yes groups and roles will do the trick. With 2005 you can even assign granular permissions to the objects. So assign only those permissions to the users and not that are not required.

    Cheers,
    Sugeshkumar Rajendran
    SQL Server MVP
    http://sugeshkr.blogspot.com

Viewing 8 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic. Login to reply