November 6, 2003 at 8:44 am
I am trying to assign one of my users to the securityadmin role in SQL Server. I added their login to the dB's then I granted them access and I added them to the server role of security admin. For some reason they STILL do not have permmissions to add logins? What am I doing wrong? Please help, I've been dealing with this problem for three days and its really starting to bug me.
Thanks in Advance,
aurora01
Aurora
November 6, 2003 at 9:25 am
As long as he has 'securityadmin' server role, he should be able to add new logins. Any error message when tring to add logins?
You need grant that user with 'db_accessadmin' or 'dbo' in order for him to grant others to access the database. db_securityadmin can only manage all permissions, object ownerships, roles and role memberships.
Edited by - allen_cui on 11/06/2003 09:27:22 AM
November 6, 2003 at 9:31 am
See if they can run sp_addlogin (not with EM). This will tell you if they have server level access.
Steve Jones
http://www.sqlservercentral.com/columnists/sjones
The Best of SQL Server Central.com 2002 - http://www.sqlservercentral.com/bestof/
November 6, 2003 at 9:34 am
Yes it is the is the classic error message 21776. Suggesting his name was not found in the users collection. Any idea what is causing this?
The user is a member of the server role of security admin and the database role of accessadmin.
Aurora
November 6, 2003 at 9:40 am
Steven, I connected as the user and was able to run the sproc.
Question though, when a user is added to the securityadmin role should they be able to run a select from the sylogins table in master?
Thanks for everyone's help!!!
Aurora
November 6, 2003 at 9:49 am
You need grant his login to access master database and 'select' permission to 'syslogins' table.
November 6, 2003 at 9:51 am
Thanks Allen!
Aurora
Viewing 7 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply