July 19, 2010 at 6:36 pm
Hi everyone,
I have a user and I want to restrict his access to some DBs, but he is member of a domain that all members of this domain has access to most of DBs.
He have to be member of this domain and he connects to windows via this domain.
I would like to know is there any way to restrict his access wheras he is member of domain as well?
Please let me know if there is any solution.
July 19, 2010 at 8:17 pm
You can try creating a specific login onto the server for his domain account. This way, when he connects, the login will be specific to his account rather than from the domain group membership. After that, you can DENY access to specific databases to his AD account.
July 21, 2010 at 9:30 am
Jim's method is the only real way this works, unless they create a specific group on that domain with the users who need to be blocked. That way you're applying the DENY against effectively a Windows group so if you have another case like this, it's already covered.
But truth be told, the permissions should be scaled back and the groups looked at on the domain side.
K. Brian Kelley
@kbriankelley
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply