I am giving the permissions as per given query.
Now I want to remove test1 DB from user test.
ALTER AUTHORIZATION ON DATABASE::test TO test;
ALTER AUTHORIZATION ON DATABASE::test1 TO test;
Assign ownership back to dbo which is default owner of the database.
ALTER AUTHORIZATION ON DATABASE::test1 TO dbo
OR
You can give the ownership to whom you want to assign instead of giving it to dbo.
Related
When I attempt to drop an external table in Azure Synapse SQL Pool I get the folloiwng error:
Cannot drop the EXTERNAL TABLE 'TableName', because it does not exist or you do not have permission.
I am accessing Synapse SQL Server via SSMS.
Can someone let me know how elevate my permissions to drop an external table please.
Theis error generally cause two reasons one is you are table might not present in that particular data baser or the user with which you are querying that table has not have proper privileges.
To Drop Any external table, you need below three major permissions like Alter any schema, alter any external data source and alter any external file format as #Jon suggested.
GRANT ALTER ANY SCHEMA to {user};
GRANT ALTER ANY EXTERNAL DATA SOURCE to {user};
GRANT ALTER ANY EXTERNAL FILE FORMAT to {user};
And also db_exporter server role is there which grant all this permission to you user.
ALTER SERVER ROLE db_exporter ADD MEMBER {user} ;
Also make sure you are using appropriate database to be querying your table where it is present.
And also make sure there is no DENY permission on your user
I think I'm missing something when it comes to grant alter table. I'm looking at the AWS docs
https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT.html
And they say I can grant alter table to a role. I've tried running grant alter table to user but that gives me SQL Error [0LP01]: ERROR: Grant/Revoke system privilege on User is not supported.. So, I'm confused on what exactly a role in redshift is and how it works. Using rows, could I grant a group of people alter table permissions on a single schema?
I think you are being crossed up by the fact the GRANT ALTER is for external datalake objects only. It has to do with modifying the external datastore and isn't meant for normal Redshift tables.
If memory serves the ability to ALTER a normal table is linked with DROP permission. Otherwise it is linked to table ownership.
You can grant "ALTER TABLE" in this way.
create role testingaltertablerole;
create user testingaltertableuser with password disable;
grant alter table to role testingaltertablerole;
grant role testingaltertablerole to testingaltertableuser;
At the moment, there's no way to grant this permission for a single table, AFAIK.
I had a schema in one oracle DB as ui_prod. I asked my DBA team guys to create exactly same schema like ui_prod but as read only and name it ui_prod_readonly. Usually I will use Oracle SQL developer to connect a DB and query directly with table name like below.
--Connect to ui_prod
select * from table
but why I requested to put owner name infront when query for readonly schema they created for me, as without putting it, I get error table not exist.
--Connect to ui_prod_readonly
select * from ui_prod.table
I have project files which hardcode the sql query with only table names and adding owner name in front will cause many changes and effort. Can anyone explain me on this? or provide me any document/link to read. Thanks
You should look into synonyms, apparently the user you are connecting to the database as is not the owner of the objects. So to view the object you have to prepend the names with the schema name (the owner of the object themselves).
http://www.techonthenet.com/oracle/synonyms.php
CREATE OR REPLACE SYNONYM ui_prod_readonly.synonym_name
FOR ui_prod.object_name
It seems to me that your dbas have not created another set of tables but just granted the existing tables to the user ui_prod_readonly.
When you log in to Oracle, the current schema is the name of the user you used to log in. So if you log in with ui_prod_readonly Oracle checks that schema for the table if you do not qualify it with the owner (=schema).
If you want to change the current schema so that you don't need to fully qualify the tables, you can do that with ALTER SESSION
alter session set current_schema = ui_prod;
Once you have done that, you don't need to fully qualify the table with the owner (=schema).
if you need a user to read the data only
its simple to create new user and grant it only select privilege
you can create user and grant select privilege using
CREATE USER [user] IDENTIFIED BY [your_password];
grant select on table to [user]
I need to drop a user with dbowner schema from a SQL Server database. I cannot drop it as it is since I get this error message
Drop failed for User 'network service'. (Microsoft.SqlServer.Smo)
The database principal owns a schema in the database, and cannot be dropped. (Microsoft SQL Server, Error: 15138)
When I try to uncheck the schema owned by this user to remove the DB owner it does nothing. My question is how I can drop this user or edit its name from 'network service' to 'NT AUTHORITY\NETWORK SERVICE'
I had the same problem, I run two scripts then my problem is solved.
Try this:
In this query you can get user schema as a result for AdventureWorks database:
USE AdventureWorks;
SELECT s.name
FROM sys.schemas s
WHERE s.principal_id = USER_ID('your username');
after take schema name you can alter authorization on schema like this:
ALTER AUTHORIZATION ON SCHEMA::db_owner TO dbo;
in this query db_owner schema name that get from first query.
finally you can delete user without error.
my source: SQL SERVER – Fix: Error: 15138
I have the same issue, I cannot delete the user
foo
since it says:
So I need to go to Security -> Schemas and look for dbo, then right click and choose Properties:
Then change
foo
to
dbo
then after that I can now delete the user that I want to delete.
In my case I execute these commands and problem solved:
ALTER AUTHORIZATION ON SCHEMA::db_owner TO dbo;
ALTER AUTHORIZATION ON SCHEMA::db_datareader TO dbo;
ALTER AUTHORIZATION ON SCHEMA::db_datawriter TO dbo;
ALTER AUTHORIZATION ON SCHEMA::[NT AUTHORITY\SYSTEM] TO dbo
Question: when I create a table (T_TableName) using SQL Server Management-Studio, it always creates the table as
Domain\UserName.T_TableName
instead of
dbo.T_TableName
What's wrong ?
If you don't specify a schema explicitly on your table name to be created, it will be created in the user's current default schema.
I bet the user you're using has its own personal schema set as its default schema - that's why your tables get created in his own personal schema.
You can check what database users you have and what their default schema is by inspecting sys.database_principals (SQL Server 2005 and up):
SELECT name, type_desc, default_schema_name
FROM sys.database_principals
To solve this:
specify the schema you want to use explicitly (best practice anyway!)
CREATE TABLE dbo.T_TableName
change the user's default schema to dbo
ALTER USER [Domain\YourUser] WITH DEFAULT_SCHEMA = dbo
But as a general rule of thumb, I recommend always using the "dbo." prefix explicitly, if you want to have all your database objects in the dbo schema. Helps with performance, too (ever so slightly) since SQL Server won't have to go hunting in different schemas, if you explicitly tell it where your db objects live.
You need to either create your table as "dbo.Whatever", OR you need to change your default schema (or have your SA do it for you) by issuing a command like:
ALTER USER [DOMAINNAME\UserName] WITH DEFAULT_SCHEMA = dbo;
Call it dbo.T_TableName in SSMS. If you have the correct permissions, it will work.
Are you assigned as db_owner for the database you created the table in? If not, this could be the issue. Try adding your user mapping permissions to the database as such.
USE [yourDatabase]
GO
EXEC sp_addrolemember N'db_owner', N'DOMAIN\UserOrGroup'
GO