July 27, 2006 at 5:49 am
Hi EveryOne,
I have a issue regarding the roles/Users.
I have one User Database Audit and has a database user denim which has public,db_owner role associated with it.The user has been associated with Login denim which has default Database as Audit and no server roles are assigned to this Login.
Now i want this user to have some permissions to execute certain SP in Master database like sp_addlogin,sp_adduser etc.
How do i grant this user the required permissions.
July 31, 2006 at 8:00 am
This was removed by the editor as SPAM
July 31, 2006 at 3:11 pm
Actually, the user already has the neccessary object permissions to run sp_addlogin, sp_adduser. These are granted to public by default. However, the stored procedures themselves enforce elevated privileges through their code.
In order for the "denim" user to add logins, they need to be a member of the server role "securityadmin".
By being a member of db_owner, the user already has permissions to add users to the "Audit" database, though they should use sp_grantdbaccess instead of sp_adduser. The latter remains for backwards compatibility.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply