June 30, 2021 at 9:25 pm
I restored a database from QA to production. I removed logins/users from database since they all were in same group with READ only. I checked and don't see any explicit permissions, and none of them have a schema or role they are owner of, but one of the users can still update stuff in this database. I had the other DBA check and he couldn't find anything either.
What in the world am I missing here?
June 30, 2021 at 9:30 pm
Check that users login - are they a member of the sysadmin role? Check other groups that have access to the server - do any of those groups have access to the database where this user is a member?
Jeffrey Williams
“We are all faced with a series of great opportunities brilliantly disguised as impossible situations.”
― Charles R. Swindoll
How to post questions to get better answers faster
Managing Transaction Logs
June 30, 2021 at 9:43 pm
He is not a member of sysadmin role.
He is in one group, but it has read only and that is it.
It must be something that carried over from the other environment, but just can't figure it out yet. So bizarre.
June 30, 2021 at 9:46 pm
He is not a member of sysadmin role.
He is in one group, but it has read only and that is it.
It must be something that carried over from the other environment, but just can't figure it out yet. So bizarre.
Have you tried using xp_LoginInfo to make sure of that?
--Jeff Moden
Change is inevitable... Change for the better is not.
June 30, 2021 at 10:25 pm
I found him in another group as Admin and have no clue how or why he is there.
Thanks Jeff!
July 1, 2021 at 3:34 am
My pleasure and thank you for the feedback. xp_LoginInfo is one of those tools that I don't need to use often but it's a real life saver when I do need it.
Another handy tool is sp_validatelogins.
--Jeff Moden
Change is inevitable... Change for the better is not.
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply