Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
donpolix
Yak Posting Veteran
97 Posts |
 Posted - 2006-11-14 : 00:30:19
|
| We created a NT Group (SQL SecAdmin) and add it as a member of SecurityAdmin fixed server role. We wanted members of this NT group to manage sql login, grant database access, and other database level permissions. But according to Microsoft, by design, sql server doesn't allow it...Unless you grant it (SQL SecAdmin) db_owner on "EACH" user databases. Which is a nightmare in terms of maintenance as we have a lot of instances and hundreds of databases.Is there a workaround for this?Donn Policarpio |
|
|
donpolix
Yak Posting Veteran
97 Posts |
Posted - 2006-11-24 : 03:19:33
|
| anybody?Donn Policarpio |
 |
|
|
SwePeso
Patron Saint of Lost Yaks
30421 Posts |
Posted - 2006-11-24 : 03:22:33
|
| I would write a script what iterates through all databases on a single server and add the login to that role for the wanted database.And this script I would run on all instances.Peter LarssonHelsingborg, Sweden |
|
|
|
donpolix
Yak Posting Veteran
97 Posts |
Posted - 2006-11-24 : 04:03:58
|
| Writing a script would still end up to the same problem, not a good idea. Maybe I need to make my point clearer. What we wanted is to assign somebody under SecurityAdmin fixed role, that person's task would be to ONLY MANAGE sql logins (without giving him dbo rights on each user dbs). Donn Policarpio |
|
|
|
|
|
|
securityadmin server role