Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 SQL Server 2000 Forums
 SQL Server Administration (2000)
 Db_datareader and db_datawriter access levels

Author  Topic 

pras2007
Posting Yak Master

216 Posts
Posted - 2008-03-12 : 09:15:40
Hello All,

I have given my users db_datareader and db_datawriter can somebody please tell me the advantages and disadvantages on doing so? Thanks.

SwePeso
Patron Saint of Lost Yaks

30421 Posts
Posted - 2008-03-12 : 09:18:21
Don't forget to give them EXECUTE rights on your stored procedures as well.
And SELECT rigths on your views.

E 12°55'05.25"
N 56°04'39.16"
Go to Top of Page

sodeep
Master Smack Fu Yak Hacker

7174 Posts
Posted - 2008-03-12 : 09:24:51
With this access, users can manipulate DML structure of your database.
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

30421 Posts
Posted - 2008-03-12 : 09:41:26
Is that true?
quote:
Mapping of Fixed Database Roles to Permissions

db_accessadmin
Granted: ALTER ANY USER, CREATE SCHEMA
Granted: VIEW ANY DATABASE

db_accessadmin
Granted with GRANT option: CONNECT

db_backupoperator
Granted: BACKUP DATABASE, BACKUP LOG, CHECKPOINT
Granted: VIEW ANY DATABASE

db_datareader
Granted: SELECT
Granted: VIEW ANY DATABASE

db_datawriter
Granted: DELETE, INSERT, UPDATE
Granted: VIEW ANY DATABASE

db_ddladmin
Granted: ALTER ANY ASSEMBLY, ALTER ANY ASYMMETRIC KEY, ALTER ANY CERTIFICATE, ALTER ANY CONTRACT, ALTER ANY DATABASE DDL TRIGGER, ALTER ANY DATABASE EVENT, NOTIFICATION, ALTER ANY DATASPACE, ALTER ANY FULLTEXT CATALOG, ALTER ANY MESSAGE TYPE, ALTER ANY REMOTE SERVICE BINDING, ALTER ANY ROUTE, ALTER ANY SCHEMA, ALTER ANY SERVICE, ALTER ANY SYMMETRIC KEY, CHECKPOINT, CREATE AGGREGATE, CREATE DEFAULT, CREATE FUNCTION, CREATE PROCEDURE, CREATE QUEUE, CREATE RULE, CREATE SYNONYM, CREATE TABLE, CREATE TYPE, CREATE VIEW, CREATE XML SCHEMA COLLECTION, REFERENCES
Granted: VIEW ANY DATABASE

db_denydatareader
Denied: SELECT
Granted: VIEW ANY DATABASE

db_denydatawriter
Denied: DELETE, INSERT, UPDATE

db_owner
Granted with GRANT option: CONTROL
Granted: VIEW ANY DATABASE

db_securityadmin
Granted: ALTER ANY APPLICATION ROLE, ALTER ANY ROLE, CREATE SCHEMA, VIEW DEFINITION
Granted: VIEW ANY DATABASE


E 12°55'05.25"
N 56°04'39.16"
Go to Top of Page

sodeep
Master Smack Fu Yak Hacker

7174 Posts
Posted - 2008-03-12 : 09:51:02
"db_datawriter
Granted: DELETE, INSERT, UPDATE
Granted: VIEW ANY DATABASE
"

Peso, What I mean is user can apply DELETE, INSERT, UPDATE command on any tables on specific database.
Go to Top of Page
   

Subscribe to SQLTeam.com

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -

Resources

Articles

Forums

Blogs

Contact Us

About the Site