September 16, 2014 at 7:36 am
Hi,
I just wanted to know, if a database or SQL Server job has a particular owner and this user leaves the company and their AD account is deleted, I know access for users will become limited to that particular database object.
To what extent will access be limited?
So if I was a 'normal' user in what ways would I be restricted? For example would I be able to view data but not edit it? Or for a job would I be able to run the job but not edit it?
What would be the situation if I was a sysadmin on the instance and the user who owned the job and database left the company and was deleted from AD.
What restrictions would apply to me as a sysadmin if I wanted to access/modify these database objects?
Thanks.
September 16, 2014 at 8:07 am
zedtec (9/16/2014)
I know access for users will become limited to that particular database object.
No. If the database's owner is not a valid AD account, most things will work fine. Some stuff, like replication, will break with nonsensical errors, but access won't be limited, certainly not to a sysadmin.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
September 16, 2014 at 8:18 am
Ok if the database owner is a valid AD user and is deleted from AD will there be any restrictions in this scenario?
If so what would they be?
September 16, 2014 at 11:03 am
You can have odd errors occur in that situation.
You're better off having a fixed, permanent owner for dbs and granting permissions as needed to other users, up to and including db_owner if that is what they require.
SQL DBA,SQL Server MVP(07, 08, 09) "It's a dog-eat-dog world, and I'm wearing Milk-Bone underwear." "Norm", on "Cheers". Also from "Cheers", from "Carla": "You need to know 3 things about Tortelli men: Tortelli men draw women like flies; Tortelli men treat women like flies; Tortelli men's brains are in their flies".
September 17, 2014 at 2:29 am
Ok thanks.
September 17, 2014 at 2:34 am
zedtec (9/16/2014)
Ok if the database owner is a valid AD user and is deleted from AD will there be any restrictions in this scenario?
That's the scenario I described...
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply