 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
SQL Server Forum / General / Other SQL Server Topics / August 2007sp execute permission
Hi, I have a .Net 2.0 windows app that connects to a SQL Express DB. I have 2 Clients using it fine. It accesses stored procs to update data. The clients use integrated security. data source='SQLSERVER\SQLEXPRESS';initial catalog=tbrPData;integrated security=SSPI The problem is on the third client I get Exsecute perimission denied on sp message. It also uses integrated security. How do I find out what user this client is accessing the DB with??? rotsey Hi Rotsey, As you mentioned you make your users connect to SQL Server in Integrated Security mode, then your users' windows domain accounts are used for login to SQL Server as Windows Authentication. If that user is in a different Domain\Global Group which is restricted to connect to SQL Server or do not have permission for SQL Server login then he\she cannot connect to SQL Server. I suggest you to set up a Windows Global Group and put your .Net 2.0 app users in to that group and give that group the necessary permissions in SQL Server login so that they are going to be able to reach resources as they need. So, you will not bother yourself with individual accounts.  SignatureEkrem Önsoy > Hi, > [quoted text clipped - 18 lines] > > rotsey well it must be a windows group because the other clients work fine So how do I find out what windows group there are?? In the activity monitor it show the individual users like this Lester/Marlene Lester/Bayu Lester/Suzanne Lester/RebeccaC But I have not setup permissions for them to my sp. I had to explicitly add execute permissions to Lester/RebeccaC but not the others?? So how do they work? > Hi Rotsey, > [quoted text clipped - 32 lines] >> >> rotsey Connect to your SQL Instance from SQL Server Management Studio and go to Security\Logins and see what users and groups have right to login to your SQL Server Instance. You can also view their right by observing Logins' properties. I again suggest you the following: Make a list of the users who are supposed to execute your sp and create a Windows Global Group this these users. And create a Login for this group from SQL Server Management Studio (SSMS) and set the mapping up for this group from SSMS. Check out the current Logins from SSMS and if there is a group (like Lester\Domain Users) which you do not want them to connect to your SQL Server or execute your sp then explicitly deny them. So that only a group of users will be able to use your database or whatever you want the to use. SignatureEkrem Önsoy > well it must be a windows group because the other clients > work fine [quoted text clipped - 50 lines] >>> >>> rotsey |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2009 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.