December 3, 2009 at 8:05 am
So user has public role on the server, which i believe every user is automatically granted, do correct me if that is an incorrect statement.
on the user mapping gave datareader on all the system databases.
have granted data reader on the applicable databases, user cannot see any of the databases he has access to, do not wish to give dbowner as this would defeat the purpose of tightening security.
sonal.
December 7, 2009 at 6:14 am
anyone???
December 7, 2009 at 6:29 am
I think you created a SQL login right?
A user exists in a database, login exists on the SQL Instance.
So, you say that when that user is selected and properties are chosen, in the user mappings all the appropriate databases are selected. Is that what you see?
Blog -- LearnSQLWithBru
Join on Facebook Page Facebook.comLearnSQLWithBru
Twitter -- BruMedishetty
December 7, 2009 at 6:36 am
May be if in GUI, you tried something like this!
Login properties-->User Mapping-->Select All Databases-->
Assign the data reader role.
This doesn't work.
If you have 10 databases, then you have to do it 10 times.
Select the db, assign roles, save it...repeat the steps for all the db's.
December 7, 2009 at 6:42 am
that is correct i had to assign the datareader role for every database that the user should have access to, i am missing something, coz it still does not work.
sonal.
December 7, 2009 at 6:51 am
If that is what you say and still doesn't work, let me ask you this, is any deny statement issued against the user?
Can you send the screen shot of the properties of the user (User Mappings Page).
Blog -- LearnSQLWithBru
Join on Facebook Page Facebook.comLearnSQLWithBru
Twitter -- BruMedishetty
December 7, 2009 at 7:01 am
is this accessing via SSMS?
do they receive an actual error or just don't get a drop down list of databases?
---------------------------------------------------------------------
December 7, 2009 at 7:50 am
for security reasons cannot print screen shot, this is from ssms, no error, he just cannot see the databases that i have given read access to, no deny has been issued
December 7, 2009 at 8:26 am
sonal_anjaria (12/7/2009)
for security reasons cannot print screen shot, this is from ssms, no error, he just cannot see the databases that i have given read access to, no deny has been issued
That's fine if not possible. Sometimes that would give a better idea to look at it rather than you explain. What the answer for George's question, is the user connecting from SSMS or what?
Blog -- LearnSQLWithBru
Join on Facebook Page Facebook.comLearnSQLWithBru
Twitter -- BruMedishetty
December 7, 2009 at 8:36 am
yes the user is connecting through ssms
December 7, 2009 at 8:36 am
just to be 100% sure - has the user clicked the plus sign next to databases and expanded the list?
you never know........:-)
---------------------------------------------------------------------
December 7, 2009 at 8:57 am
view any database had been revoked by a script we ran to tighten security, that's is what did it.
granted individual access to user
thanks to all for helping
sonal.
December 8, 2009 at 12:59 pm
Are your users logging in using a domain account?
I recall coming across a similar issue a while back when trying to set up one of our users.
The problem we found was that this user was also accessing a file share on the same machine using a local account on the server. I'm not familiar with how Windows handles authentication behind the scenes, but it didn't like this arrangement. Once we got rid of the local account on the server and set the shares up with his domain account it worked fine.
December 8, 2009 at 1:01 pm
sonal_anjaria (12/7/2009)
view any database had been revoked by a script we ran to tighten security, that's is what did it.granted individual access to user
thanks to all for helping
sonal.
Who ran it?
How did you find it out?
Blog -- LearnSQLWithBru
Join on Facebook Page Facebook.comLearnSQLWithBru
Twitter -- BruMedishetty
December 8, 2009 at 3:45 pm
EDIT: Oops, didn't see the 2nd page, first pass.
Viewing 15 posts - 1 through 15 (of 16 total)
You must be logged in to reply to this topic. Login to reply