How can I particularly find when a user was given sysadmin privileges in SQL Server?
Is there any Query?
Please help. Thanks!
Related
I created SQL DB. and I want to allow only "DB owner" to access stored procedures. I want to prevent all other users including 'sa' user from doing that . how to do that ?
short answer: you can't.
long answer: sa is the owner of the whole server so cannot be cut out of anything on the server. you can prevent all other users (that does not have a sysadmin role) from using the stored procedures but again you have no way to lock out sa and/or any user with sysadmin role.
you may revoke permission to SA but SA can grant these permissions back easily.
actually you may lock out SA user if you disable SQL authentication or disable the user but anyway you cannot prevent other users with sysadmin role to interact with the stored procedures: this is by design.
please post a question with the actual requirement: this question looks like a solution you are trying to implement; maybe we can help you find a suitable solution for the actual issue.
as a side note, if you don't trust the admin of the server there is something wrong...
Can anyone tell me what permissions must i give to a user inside SQL Server 2005 so that this user can backup and restore a database without given him sysadmin server role ?
There is a db_backupoperator fixed database role in 2005 that should meet your requirements. See description here https://technet.microsoft.com/en-US/library/ms189612(v=sql.90).aspx
USE YourDatabase
GO
EXEC sp_addrolemember 'db_backupoperator', 'YourUser'
GO
I want to give our technician rights to restore one particular database from a backup file. What are the minimum rights I can give him?
You could use the Server Role dbcreator to restore the database and the Database Role db_backupoperator to backup the database, as pointed out by #RBarryYoung in this great answer.
You can specify these settings in the properties of the login, selecting the tab Server Roles and User Mapping.
I have a SQL Server 2005 database and I need to be able to grant a user(someday a group) read only database permissions with the ability to view but not run or modify stored procedures across over a dozen databases. Is there a way to do this with the current database roles included with SQL Server 2005 or does the user have to be granted permissions on each individual stored procedure. Thank you.
GRANT VIEW ANY DEFINITION TO [Domain\UserName] worked for me.
I am trying to give permissions to a user I just created and has a login associated logged into my master.
I was not able to give any permissions since it says you do not have permissions to do this.
I gave myself dbowner rights in the master but still.
Any help?
Might it be that the database I created does not have the schema dbo?
UPDATE:
I thought you said the user you added didn't have any permissions, my bad! Well the answer still might be helpful :-)
I'm not an SQL expert so this may not answer your question, but I had to do something like this today and listing my steps might help.
You can use a graphical tool like Azure User Management Console (AUMC) if you want to add users without having to write a bunch of SQL queries.
Connect to your server, go to Logins and create a new login (if you want to give server access as well), then go to Users, select your database, create a new user, then here you can link the user to the login you just created and give database permissions.
Here is the documentation on granting users/logins permissions:
http://blogs.msdn.com/b/sqlazure/archive/2010/06/21/10028038.aspx
EXEC sp_addrolemember 'db_datareader', 'readonlyuser';