Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Security

Status
Not open for further replies.
Bell1991

Bell1991

Programmer
Aug 20, 2003
386
0
0
US
I have a database with two different groups having access to it.

Group1 has datareader and denydatawriter
Group2 has datareader, denydatawriter, execute on sprocs.

I have one member who is in both groups, what level of access will this individual have? From what i can tell, they have the ability to execute stored procedures.

Is there anyway i can stop this (without removing them from one group)?
 
Sort by date Sort by votes
You would need to DENY execution of those stored procedures to Group1.

GRANTs are cumulative, where DENY's overwrite all grants.

Code: 
DENY EXEC ON YourStoredProc TO Group1;

Denny
MVP
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / SQL 2005 BI / SQL 2008 DBA / SQL 2008 DBD / SQL 2008 BI / MWSS 3.0: Configuration / MOSS 2007: Configuration)
MCITP (SQL 2005 DBA / SQL 2008 DBA / SQL 2005 DBD / SQL 2008 DBD / SQL 2005 BI / SQL 2008 BI)

My Blog
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

djj55
  • Locked
  • Question
PCI certification and security question 1
Replies
9
Views
21
MegaSQLBI
MegaSQLBI
katekis
  • Locked
  • Question
Security issues in SSRS 2008 R2.
Replies
0
Views
22
katekis
katekis
RRinTetons
  • Locked
  • Question
Reporting Services Security
Replies
0
Views
13
RRinTetons
RRinTetons
JordanCN2
  • Locked
  • Question
SQL 2005 changed domains - reset security
Replies
1
Views
17
mrdenny
mrdenny
Ringers
  • Locked
  • Question
SSIS Packages & SSSMS Jobs Security
Replies
1
Views
16
SQLBill
SQLBill

Part and Inventory Search

Sponsor

Back
Top