If I add a Login, which is a Windows group of which a user belongs, then map
that group to a particular database, with roles public, db_datareader,
db_datawriter, shouldn't that person be able to EXEC a stored proc from the
database?
They are not able to, and are getting an access denied error. What am I
doing wrong?
Tim Zych
SF, CARead and write permissions are not enough. You need to give execute
permissions to the user.
You can give execute permissions on a specific stored procedure like in
grant execute on proc to user
or you can give global execute permissions on the database (only SQL Server
2005) like in
grant execute on database::adventureworks to user
Hope this helps,
Ben Nevarez
Senior Database Administrator
AIG SunAmerica
"Tim Zych" wrote:
> If I add a Login, which is a Windows group of which a user belongs, then m
ap
> that group to a particular database, with roles public, db_datareader,
> db_datawriter, shouldn't that person be able to EXEC a stored proc from th
e
> database?
> They are not able to, and are getting an access denied error. What am I
> doing wrong?
>
> --
> Tim Zych
> SF, CA
>
>|||Thank you Ben. I'm glad to hear SQL 2005 allows database-wide EXEC
permissions. That's what we're using.
Tim Zych
SF, CA
"Ben Nevarez" <BenNevarez@.discussions.microsoft.com> wrote in message
news:AAB5FB06-7824-46CC-920C-125172CC81D0@.microsoft.com...[vbcol=seagreen]
> Read and write permissions are not enough. You need to give execute
> permissions to the user.
> You can give execute permissions on a specific stored procedure like in
> grant execute on proc to user
> or you can give global execute permissions on the database (only SQL
> Server
> 2005) like in
> grant execute on database::adventureworks to user
> Hope this helps,
> Ben Nevarez
> Senior Database Administrator
> AIG SunAmerica
>
> "Tim Zych" wrote:
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment