VIEW SERVER STATE Permissions

  • I can try and figure this out manually, but does anyone know on what DMVs VIEW SERVER STATE grants permissions?

    I am in a position where I need to grant VIEW SERVER STATE permissions to some folks and then explicitly deny SELECT perms on the DMVs they do not need. So, the question becomes, what DMVs are granted SELECT when granted VIEW SERVER STATE.

  • what you have described will work. see

    http://msdn.microsoft.com/en-us/library/ms188754(v=SQL.100).aspx

    ---------------------------------------------------------------------

  • george sibbald (10/11/2010)


    what you have described will work. see

    http://msdn.microsoft.com/en-us/library/ms188754(v=SQL.100).aspx

    I am confident it will work. I was just hoping there was a pre-existing list of what DMVs a user was granted perms too when given VIEW SERVER STATE. Then i can work backwards and make sure I DENY SELECT on the appropriate objects.

    I want to avoid having to do this (determining the perm difference between VIEW SERVER STATE and not) manually if i can.

  • The URL states that view server state AND select permission is required, so grant view server state and select only on the dmvs you want them to be able to use.

    Is that what you require?

    ---------------------------------------------------------------------

  • You may have already seen this link, but here it is; it describes an alternative way to what you are trying to do, and complications that come with it:

    http://www.eggheadcafe.com/software/aspnet/30323724/how-can-i-see-what-permissions-view-server-state-has.aspx

    __________________________________________________________________________________
    SQL Server 2016 Columnstore Index Enhancements - System Views for Disk-Based Tables[/url]
    Persisting SQL Server Index-Usage Statistics with MERGE[/url]
    Turbocharge Your Database Maintenance With Service Broker: Part 2[/url]

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply