January 4, 2010 at 3:33 pm
Under SSMS I created a new Server Login (used a Windows account), mapped that login to a database User (with "dbo" permissions) but found the User name did NOT appear under Security > Users for that database. I even closed and reopened SSMS. Nontheless, when I logged in as that account, I could access the database and display table contents. Any idea how this can happen?
TIA,
Barkingdog
January 4, 2010 at 4:13 pm
Is it possible the login you added already had db permissions via a Windows security group in the logins?
January 4, 2010 at 4:46 pm
Ten Centuries,
You're comment got me thinking. I found that the databases for which the user did not explicitly have access had a database role (authorization "dbo") created for the client machine ("domainname\machinename$"). The client mahcine is the very one I log into with the account in question. Talk about sneaky developers.
Barkingdog
January 4, 2010 at 5:09 pm
Sneaky indeed. Gotta love the backdoors. Now the question is, how many did they create?
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply