Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 SQL Server 2000 Forums
 Transact-SQL (2000)
 Effects if giving permission to Master DB

Author  Topic 

sunnyjassal
Starting Member

28 Posts
Posted - 2004-09-09 : 17:02:55
Hello,

I am trying to have a setup so a user is an admin of only one database. I got that part working fine.

Here is what I am confused about. If I dont assign this user to the master database and log on with his/her user id via Enterprise Manager I cannot see any of the databases including the database he/she is assigned to, why is that?

I can see all the databases once the user is assigned to master, the permission for master that I give to this user are public and db_denydatawriter. That works fine. With these permissions set he should be still able to do whatever to his DB right?

So my question really is what are the effects of giving a user permission to the master database? If permission is not given for master database what can a user do (in terms of permissions) and why can't the user see his own database?

Also what do I permission do I need to give the user for his database so he can do whatever he wants to that DB.
I have given this user the following permission on his DB:
public
db_owner
db_accessadmin
db_securityadmin
db_ddladmin
db_backupoperator
db_datareader
db_datawriter

Basically this user should be able to run scripts back up or whatever to his own DB and should not be allowed anywhere out of his own DB.

jen
Master Smack Fu Yak Hacker

4110 Posts
Posted - 2004-09-09 : 23:10:21
you don't need to include the user in the master database to allow him to view objects.

check the public role on master and see if he has the permissions to run the sprocs there and a couple of views. play around with it so that you'll know which object will grant your user which permission to what extent (if this is still Dev not prod'n).

it's not recommended you give him access directly to the master database.

you can grant him db_owner on an assigned database and do not grant him access to other databases unless there is a need.
Go to Top of Page
   

Subscribe to SQLTeam.com

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -

Resources

Articles

Forums

Blogs

Contact Us

About the Site