Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
Author |
Topic |
iminore
Posting Yak Master
141 Posts |
Posted - 2005-04-04 : 05:58:09
|
Is it possible to grant permission to a non database owner login the right to use identity_insert ? |
|
derrickleggett
Pointy Haired Yak DBA
4184 Posts |
Posted - 2005-04-04 : 06:14:47
|
From Books Online: quote: PermissionsExecute permissions default to the sysadmin fixed server role, and the db_owner and db_ddladmin fixed database roles, and the object owner.
So, the answer is yes. MeanOldDBAderrickleggett@hotmail.comWhen life gives you a lemon, fire the DBA. |
|
|
iminore
Posting Yak Master
141 Posts |
Posted - 2005-04-04 : 06:28:10
|
A ddladmin login can delete objects, which isn't desirable.Is there a way of granting specific permission to identity_insert? |
|
|
derrickleggett
Pointy Haired Yak DBA
4184 Posts |
Posted - 2005-04-04 : 06:57:34
|
Only if you make them the object owner. So, in other words....no! Books Online outlines this one pretty well. Why do you have this requirement?MeanOldDBAderrickleggett@hotmail.comWhen life gives you a lemon, fire the DBA. |
|
|
iminore
Posting Yak Master
141 Posts |
Posted - 2005-04-04 : 07:03:11
|
I don't understand why writing records (data) needs to be linked to the objects themselves. Surely a user should be able to write new records without having rights to the objects. Why is identity_insert so tied down? Just seems unnecessary and too restrictive. |
|
|
derrickleggett
Pointy Haired Yak DBA
4184 Posts |
Posted - 2005-04-04 : 07:10:53
|
It's all about relational integrity and security. It's not restrictive. If you need this functionality, you didn't design well. What problem are you trying to fix with this? Let us know and we can help you find another solution. quote: Surely a user should be able to write new records without having rights to the objects.
--This doesn't even make sense. Think before you type.If you don't want relational integrity or security, then use mySQL. If you're going to design a system though, take the time to learn the tools before you design something. Then, you won't be complaining about it after the fact.MeanOldDBAderrickleggett@hotmail.comWhen life gives you a lemon, fire the DBA. |
|
|
iminore
Posting Yak Master
141 Posts |
Posted - 2005-04-04 : 07:39:27
|
thanks for all your help |
|
|
|
|
|
|
|