 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
SQL Server Forum / General / Security / November 2006Securing SQL databases
Hi, a user wishes me to create a new SQL database for him, on a SQL2K server. He is the only person who will use this database, and requires admin rights to it from his desktop. What is the best way of securing the SQL box so he cannot screw up other working databases. I only want him to be able to break his database!! Regards Add him to the db_owner ROLE for his database only, and DO NOT provide him [sa] rights or add him to the sysadmin Server ROLE -or any other Server ROLE. DO NOT add him to the local administrators group for the computer, in fact, his login should not be in any groups that have access to the computer. He will still have access to any database that has not disabled the GUEST ROLE.  SignatureArnie Rowland, Ph.D. Westwood Consulting, Inc Most good judgment comes from experience. Most experience comes from bad judgment. - Anonymous You can't help someone get up a hill without getting a little closer to the top yourself. - H. Norman Schwarzkopf > Hi, > a user wishes me to create a new SQL database for him, on a SQL2K server. [quoted text clipped - 7 lines] > > Regards Lber Add him to db_datareader, db_datawrite database fixed role and don't forget to grant him access to this specific database ONLY. Don't make him member of sysadmin server role . > Hi, > a user wishes me to create a new SQL database for him, on a SQL2K server. [quoted text clipped - 7 lines] > > Regards |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2009 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.