Hello there
I would like to give my users permission to insert/update/delete data
from/to tables and views
and i also need to give them full access to execute Store Procedures.
In order to do so i gave them on Dababase mode db_datareader and
db_datawriter roles.
This roles are giving them full access to insert/update and delete data, but
it doesn't give them access to execute Store procedures.
Which permission i sould give them wituout give them db_owner?Roy
GRANT EXECUTE ON storeprocedure TO username
"Roy Goldhammer" <roy@.hotmail.com> wrote in message
news:eNhG2daLHHA.4376@.TK2MSFTNGP03.phx.gbl...
> Hello there
> I would like to give my users permission to insert/update/delete data
> from/to tables and views
> and i also need to give them full access to execute Store Procedures.
> In order to do so i gave them on Dababase mode db_datareader and
> db_datawriter roles.
> This roles are giving them full access to insert/update and delete data,
> but it doesn't give them access to execute Store procedures.
> Which permission i sould give them wituout give them db_owner?
>|||Shalom Uri
This i've already know
I'm looking for role for this and not go spesific on each store procedure.
on the business i'm working on they are afraid to give the users db_owner's
permission which i know that it is not a problem.
"Uri Dimant" <urid@.iscar.co.il> wrote in message
news:O%23XjUuaLHHA.1280@.TK2MSFTNGP04.phx.gbl...
> Roy
> GRANT EXECUTE ON storeprocedure TO username
>
> "Roy Goldhammer" <roy@.hotmail.com> wrote in message
> news:eNhG2daLHHA.4376@.TK2MSFTNGP03.phx.gbl...
>|||Roy
Ok, so create a new role, add to the role users that you want to execute
sp. Go to the permission tab and click/check EXEC column for stored
procedure
Also , you can write script to grant an execute permission for all stored
procedure tospecific user. If you are interested I will post it out
"Roy Goldhammer" <roy@.hotmail.com> wrote in message
news:uW%23ObyaLHHA.4244@.TK2MSFTNGP04.phx.gbl...
> Shalom Uri
> This i've already know
> I'm looking for role for this and not go spesific on each store procedure.
> on the business i'm working on they are afraid to give the users
> db_owner's permission which i know that it is not a problem.
>
> "Uri Dimant" <urid@.iscar.co.il> wrote in message
> news:O%23XjUuaLHHA.1280@.TK2MSFTNGP04.phx.gbl...
>|||Roy
Be aware that if you have dymanic sql within a stored procedure you will
have to grant SELECT/UPDATE/INSERT/DELETE permission on underlaying table
as well
"Uri Dimant" <urid@.iscar.co.il> wrote in message
news:u$6IH4aLHHA.2456@.TK2MSFTNGP06.phx.gbl...
> Roy
> Ok, so create a new role, add to the role users that you want to execute
> sp. Go to the permission tab and click/check EXEC column for stored
> procedure
> Also , you can write script to grant an execute permission for all stored
> procedure tospecific user. If you are interested I will post it out
>
>
> "Roy Goldhammer" <roy@.hotmail.com> wrote in message
> news:uW%23ObyaLHHA.4244@.TK2MSFTNGP04.phx.gbl...
>|||Whell Uri
For this i have already gave db_datareader and db_datawriter role which
supply this need.
In fact before i deal there, it was as you said.
Now after i add db_datareader and db_datawriter this problem has gone and
there is full permission
it is seems to be some stupide of microsoft not to have role to execute
store procedures. it looks like the is reason for it. i'm wondering why
thanks
"Uri Dimant" <urid@.iscar.co.il> wrote in message
news:%23ed005aLHHA.3268@.TK2MSFTNGP04.phx.gbl...
> Roy
> Be aware that if you have dymanic sql within a stored procedure you will
> have to grant SELECT/UPDATE/INSERT/DELETE permission on underlaying table
> as well
>
> "Uri Dimant" <urid@.iscar.co.il> wrote in message
> news:u$6IH4aLHHA.2456@.TK2MSFTNGP06.phx.gbl...
>|||Roy Goldhammer (roy@.hotmail.com) writes:
> For this i have already gave db_datareader and db_datawriter role which
> supply this need.
> In fact before i deal there, it was as you said.
> Now after i add db_datareader and db_datawriter this problem has gone and
> there is full permission
> it is seems to be some stupide of microsoft not to have role to execute
> store procedures. it looks like the is reason for it. i'm wondering why
You can't do this in SQL 2000, as far as I know. But in SQL 2005,
permissions cascade, and you can say things like:
grant execute on database::yourdb to somerole
grant execute on schema::dbo to someotherrole
Erland Sommarskog, SQL Server MVP, esquel@.sommarskog.se
Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/pr...oads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodin...ions/books.mspx
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment