I need to drop a user with dbowner schema from a SQL Server database. I cannot drop it as it is since I get this error message
Drop failed for User 'network service'. (Microsoft.SqlServer.Smo)
The database principal owns a schema in the database, and cannot be dropped. (Microsoft SQL Server, Error: 15138)
When I try to uncheck the schema owned by this user to remove the DB owner it does nothing. My question is how I can drop this user or edit its name from 'network service' to 'NT AUTHORITY\NETWORK SERVICE'
I had the same problem, I run two scripts then my problem is solved.
Try this:
In this query you can get user schema as a result for AdventureWorks database:
USE AdventureWorks;
SELECT s.name
FROM sys.schemas s
WHERE s.principal_id = USER_ID('your username');
after take schema name you can alter authorization on schema like this:
ALTER AUTHORIZATION ON SCHEMA::db_owner TO dbo;
in this query db_owner schema name that get from first query.
finally you can delete user without error.
my source: SQL SERVER – Fix: Error: 15138
I have the same issue, I cannot delete the user
foo
since it says:
So I need to go to Security -> Schemas and look for dbo, then right click and choose Properties:
Then change
foo
to
dbo
then after that I can now delete the user that I want to delete.
In my case I execute these commands and problem solved:
ALTER AUTHORIZATION ON SCHEMA::db_owner TO dbo;
ALTER AUTHORIZATION ON SCHEMA::db_datareader TO dbo;
ALTER AUTHORIZATION ON SCHEMA::db_datawriter TO dbo;
ALTER AUTHORIZATION ON SCHEMA::[NT AUTHORITY\SYSTEM] TO dbo
Related
I am trying to add a role in my master database in SQL Server 2016 using below command:
SP_AddRole 'test'
I am getting this error:
There is already an object named "test" in the database.
I have checked expanding Roles in my master database, and I found that there is no Role with name "test" in my master database.
Still I have tried to Drop that Role using below query:
Drop Role 'Test'
I get this error:
Cannot drop the role because it does not exist or you do not have permissions
When I try to alter Role using below query:
Alter Role Add Member "Domain\userName"
I was getting same error as below:
Cannot alter the role because it does not exist or you do not have permissions.
Note: I have all permissions and privileges to SQL Server and master database.
Can someone please suggest what can be done in order to resolve this?
I can't change the name of the role as it is very important for my applications to create a role with this name.
There was an already created SCHEMA in that SQL Server database.
I have deleted that schema
DROP SCHEMA Test
And then below SQL query worked.
SP_AddRole 'Test'
When I create Role, a default schema with same name gets created which was visible when I expand Schemas.
When I try to Drop the Role, I will need to first Drop the schema and then the Role.
Even if the schema with same name(But Role does not) present, SQL Server does not allow me to create new Role with same name.
Reference here
I'm trying to add db_backupuperator to a UserMapping but I can't. It returns the Error 15150 and the message:
"Drop failed for User 'dbo' (Microsoft.SqlServer.Smo)
Additional information:
an exception occurred while executing a Transact-SQL statment or batch
(Microsoft.SqlServer.ConnectionInfo)"
I've already tried apply these sugested solutions:
https://blog.sqlauthority.com/2017/12/12/sql-server-fix-msg-15150-cannot-alter-user-dbo/
Use database_name
sp_changedbowner 'sa'
I've tried also delete the database and create a new one, but then I can't edit any option of User Mapping, can't even add db_datareader or db_datawriter
If the user is member of the dbo database role, you will first have to remove him from this role. If he is the database owner, you will first have to change the database owner to another user. Then afterwards you can grant thim indivually the permissions needed, or create a database role which includes the permissions and put him in that role. This will be much more easier, if you have additional users holding the same rights as the mentioned user.
Reference link from Here.
How do I Grant drop permission of stored procedure in SQL Server to user via script?
I tried the following, but it does not work
use XpressFeed_Dev
GRANT DROP ON procedure::getPartyDuns TO "INT\svc-w-corerefdata-de";
use XpressFeed_Dev
ALTER AUTHORIZATION ON [getPartyDuns] TO "INT\svc-w-corerefdata-de";
Permissions
Requires CONTROL permission on the procedure, or ALTER permission on
the schema to which the procedure belongs, or membership in the
db_ddladmin fixed server role.
DROP PROCEDURE (Transact-SQL)
So the minimum permission of all mentioned above is control on a procedure because after it will be dropped the user will have no additional permissions
GRANT CONTROL ON object::getPartyDuns TO [INT\svc-w-corerefdata-de];
You must specify schema before the procedure name - like this:
GRANT DROP ON procedure::XpressFeed_Dev.getPartyDuns TO [INT\svc-w-corerefdata-de];
ALTER AUTHORIZATION ON XpressFeed_Dev.[getPartyDuns] TO [INT\svc-w-corerefdata-de];
While fetching data through a stored procedure in SQL Server I am getting error like
Cannot execute as the database principal because the principal "dbo"
does not exist, this type of principal cannot be impersonated, or you
do not have permission.
I am getting this error only for accessing a particular stored procedure, not for all SP's.
Give your database a valid owner. Try this:
ALTER AUTHORIZATION
ON DATABASE::[YourDatabaseName]
TO [LoginUser];
or you can try to set it like
USE [dbname]
GO
sp_changedbowner 'someLogin'
ALTER AUTHORIZATION ON DATABASE::Example TO sa;
Basically SQL Server login is mapped to database user and this mapping is not properly defined for SQL server principals then login will not be sucessfully for that specific user of database on that specific instance and this user is called orphan user.
First, check if the orphaned user is mapped or not.
USE <database>
EXEC sp_change_users_login #Action='Report';
if not mapped then, fix the orphaned user.
USE <database>
EXEC sp_change_users_login #Action='update_one', #UserNamePattern='YOURUSERNAME', #LoginName='YOURUSERNAME';
I just implemented the WITH EXECUTE AS OWNER code on a new table trigger and now regular users who insert to the table are receiving the following error: Cannot execute as the database principal because the principal "dbo" does not exist, cannot be impersonated, or you do not have permission.
Users who are setup as sysadmins have no problem inserting to the table, no errors. What type of rights need to be granted to users/roles in order for them to be able to use WITH EXECUTE AS OWNER?
Apparently problem was unrelated to permissions after all but instead related to the fact that "dbo does not exist". Current db owner was set to an old login which no longer exists.
Fixed this by running the following SQL statement:
ALTER DATABASE [DB]
SET SINGLE_USER
GO
EXEC sp_changedbowner 'sa'
GO
ALTER DATABASE [DB]
SET MULTI_USER