Permission for SQL 2000

[djj55]

Hello, in SQL 2000 using Mix Mode security, I have a Windows group Developers. Under Security\Logins for Develpoers
- Checked the Database Access for the database they need
- No Server Roles selected
- Permit in Database Role are: Public, db_datareader, db_denydatawriter

The users can still insert into tables. So as a test I went to the database\users\properties\permissions:
- Checked SELECT
- deny INSERT, UPDATE, DELETE (red X)

The user can still insert into the table.

I even added a user and denied as above and he still could insert.

What am I doing wrong?
Thank you,
djj

 

[JayKusch]

Look in the Public role for that database and see if the "guest" account is in there.

If so, you need to disable it.

By having the guest account in the Public role, eveyone is permitted access.

Thanks

J. Kusch

 

[djj55]

Thank you for the reply.

guest is not in the public role.

In the Users list within the database there is "guest" but I am unable to delete it as Error 15008: User 'guest' does not exist in the current database.

Thanks
djj

 

[JayKusch]

so executing sp_dropuser 'guest' when executed in Query Analyzer against your target DB produces this error?



Thanks

J. Kusch

 

[djj55]

Yes.

Server: Msg 15008, Level 16, State 1, Procedure sp_revokedbaccess, Line 36
User 'guest' does not exist in the current database.

It shows under Database Access it says "Via group membership"

To try to deny I check db_denydatareader and db_denydatawriter for guest. The user can still insert.
djj