Post reply

log permissions granted in sql server 2005

  • July 23, 2010 at 1:25 pm

    #144200

    is it possible to log each permission granted to a specific user on a sql server instance?

    for example if user A was granted sa -- make an entry to the log table

    user A was granted dataread on database xyz -- make an entry to the log table

    how can this be accomplish?

  • July 23, 2010 at 1:56 pm

    #1197744

    Not sure what you want to achieve. SQL Server provides Security Catalog Views and Security Stored Procedures that you can use to audit server-level or database-level permissions.

  • July 24, 2010 at 4:21 pm

    #1197899

    You can log CREATE LOGIN, CREATE USER, ALTER LOGIN, ALTER USER, ADD ROLE MEMBER, ADD SERVER ROLE MEMBER and other events (http://technet.microsoft.com/en-us/library/bb522542.aspx) using DDL triggers.

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply