Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

View Security

Status
Not open for further replies.
klewis10367

klewis10367

MIS
Mar 12, 2003
678
US
I have 2 databases, 1 is the production and the other is all views of the production data (On the same sql2000 server) used for reporting. The one question I have is that I do not want to have any of the users in database 2 to have any rights to the tables in database 1. Is this possible and if so how. I am relatively new to SQl so if you could be as detailed as possible I would appreciate it.
 
Sort by date Sort by votes
Yes it is very easy to set up.

This is the GUI approach.
Let me know if you want the TSQL.
1. Open Enterprise Manager.
2. Connect to your instance of SQL Server and drill down into the security folder.
3. Double click on each user account. This will open up the properties window for that user.
4. Check the database you want them to have access to in the top part of the window. Grant them the database role of db_datareader in the lower part of the window. This gives them access to only read from that database.
5. Click ok.


- Paul
10qkyfp.gif

- If at first you don't succeed, find out if the loser gets anything.
 
Upvote 0 Downvote
Do I have to grant the database reader role access to each of the tables. I am not very familiar with roles as I usually do security based on users.
 
Upvote 0 Downvote
Also, If I put them in that role in the production server that will give those users in that role read rights to every table on that server which I do not want to do. I just want the user in database 2 to be able to open a view and not have them in any role or rights in database 2.
 
Upvote 0 Downvote
What I am trying to avoid is having a savy user create an odbc connection to one of the production database's and bypassing the Reporting Database. If they have the read only role they would be able to do this.
 
Upvote 0 Downvote
Ok, don't add them to the db_reader role. Just add them to the database. By default they will be members of the public group.

- Paul
10qkyfp.gif

- If at first you don't succeed, find out if the loser gets anything.
 
Upvote 0 Downvote
I hit post to soon. You'll have to grant select to the user on the view.

- Paul
10qkyfp.gif

- If at first you don't succeed, find out if the loser gets anything.
 
Upvote 0 Downvote
Users are added to the public role when they are created, I have already tried the scenario that you suggest and it tells me I need to grant access to each specific table that makes up the view.
 
Upvote 0 Downvote
You granted select rights on the view and your getting that error?

- Paul
10qkyfp.gif

- If at first you don't succeed, find out if the loser gets anything.
 
Upvote 0 Downvote
Also,
If you have only created the user in database 2 what is wrong with making them db_reader? They will only be able to read from all tables in database 2. They will have no access to the prod database.


- Paul
10qkyfp.gif

- If at first you don't succeed, find out if the loser gets anything.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

dgillz
  • Locked
  • Question
SQL View not available to Excel Power Query
Replies
1
Views
196
dgillz
dgillz
lameid
  • Locked
  • Question
When was view object created / modified? 1
Replies
2
Views
57
lameid
lameid
djj55
  • Locked
  • Question
PCI certification and security question 1
Replies
9
Views
82
MegaSQLBI
MegaSQLBI
katekis
  • Locked
  • Question
Security issues in SSRS 2008 R2.
Replies
0
Views
41
katekis
katekis
RRinTetons
  • Locked
  • Question
Reporting Services Security
Replies
0
Views
28
RRinTetons
RRinTetons

Part and Inventory Search

Sponsor

Back
Top