February 4, 2008 at 2:37 pm
Does anyone know the minimum permissions I need to give my developers to be able to edit/save DTS packages using the DTS Designer in 2005?
If possible I want them to be able to edit/save each other's packages.
Thanks
Kenneth
Kenneth FisherI was once offered a wizards hat but it got in the way of my dunce cap.--------------------------------------------------------------------------------For better, quicker answers on T-SQL questions, click on the following... http://www.sqlservercentral.com/articles/Best+Practices/61537/[/url]For better answers on performance questions, click on the following... http://www.sqlservercentral.com/articles/SQLServerCentral/66909/[/url]Link to my Blog Post --> www.SQLStudies.com[/url]
February 4, 2008 at 5:28 pm
If you only want developers to work with legacy DTS packages, try creating a database role in msdb e.g. DTS_Developer and granting it EXECUTE permission to these stored procedures:
sp_enum_dtspackagelog
sp_enum_dtspackages
sp_enum_dtssteplog
sp_enum_dtstasklog
sp_get_dtspackage
sp_get_dtsversion
sp_drop_dtspackage
sp_add_dtspackage
Add developers to the role. They'll still only be able to edit packages that they own unless packages are saved with an owner password.
Note there are existing fixed database roles in msdb to allow non-sysadmins to work with SSIS packages stored in SQL Server.
Greg
February 5, 2008 at 7:17 am
Greg Charles (2/4/2008)
If you only want developers to work with legacy DTS packages, try creating a database role in msdb e.g. DTS_Developer and granting it EXECUTE permission to these stored procedures:sp_enum_dtspackagelog
sp_enum_dtspackages
sp_enum_dtssteplog
sp_enum_dtstasklog
sp_get_dtspackage
sp_get_dtsversion
sp_drop_dtspackage
sp_add_dtspackage
Add developers to the role. They'll still only be able to edit packages that they own unless packages are saved with an owner password.
Thanks for the help. I ended up giving them full access to the sysdtspackages table. Do you know if that will have the same affect?
Note there are existing fixed database roles in msdb to allow non-sysadmins to work with SSIS packages stored in SQL Server.
We decided not to store our SSIS packages on the server. If we keep them in the file system then they can use their promotion software and we (the dba's) don't have to mess with it as much anymore 🙂
Kenneth
Kenneth FisherI was once offered a wizards hat but it got in the way of my dunce cap.--------------------------------------------------------------------------------For better, quicker answers on T-SQL questions, click on the following... http://www.sqlservercentral.com/articles/Best+Practices/61537/[/url]For better answers on performance questions, click on the following... http://www.sqlservercentral.com/articles/SQLServerCentral/66909/[/url]Link to my Blog Post --> www.SQLStudies.com[/url]
February 5, 2008 at 9:20 am
Granting permissions on sysdtspackages will achieve some of the same. Sysdtspackagelog, sysdtssteplog, and sysdtstasklog are seperate tables, but they're only important when executing a package.
Greg
June 2, 2009 at 11:30 am
Thank you. This post was so very helpful and saved me a ton of time figuring it all out myself.
June 11, 2009 at 9:29 am
Thanks for this info! It just helped me out too
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply