 |
|
|
|
Next: Predictive Analytics World March 2011 Conference ..
|
| Author |
Message |
External
Since: Dec 03, 2010
Posts: 3
|
(Msg. 1) Posted: Fri Dec 03, 2010 1:43 pm
Post subject: removing database access for login
Archived from groups: microsoft>public>sqlserver>security (more info?)
|
|
|
I created a new login and accidentally added a user to the wrong
database using.
USE [wrongDatabase]
CREATE USER [Bob] FOR LOGIN [Bob]
EXEC sp_addrolemember N'db_owner', N'Bob'
I thought the TSQL below would remove that user, but I find that user
can still connect to the database as dbo.
USE [wrongDatabase]
EXEC sp_droprolemember N'db_owner', N'Bob'
DROP USER [Bob]
What am I missing? |
|
| Back to top |
|
 | |
External
Since: May 30, 2004
Posts: 1649
|
(Msg. 2) Posted: Sat Dec 04, 2010 5:27 am
Post subject: Re: removing database access for login [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
|
|
| Back to top |
|
| |
External
Since: Dec 03, 2010
Posts: 3
|
(Msg. 3) Posted: Thu Dec 09, 2010 10:22 am
Post subject: Re: removing database access for login [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
On Dec 4, 2:06 am, Erland Sommarskog wrote:
> It seems that Bob is either owner of the database, or is a member of
> the server role sysadmin.
>
> --
> Erland Sommarskog, SQL Server MVP, esq....RemoveThis@sommarskog.se
> - Show quoted text -
Thanks Erland, but no luck.
Bob is neither dbo nor in the sysadmin role (looking through SSMS). I
have tried a few TSQL scripts to find where the login might have hold
on the database, but I still cannot find it.
I am using SQL Server 10.0.2531 >> Stay informed about: removing database access for login |
|
| Back to top |
|
| |
External
Since: May 30, 2004
Posts: 1649
|
(Msg. 4) Posted: Thu Dec 09, 2010 6:25 pm
Post subject: Re: removing database access for login [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
|
|
| Back to top |
|
| |
External
Since: Sep 22, 2006
Posts: 201
|
(Msg. 5) Posted: Thu Dec 09, 2010 6:25 pm
Post subject: Re: removing database access for login [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
On Thu, 09 Dec 2010 23:34:20 +0100, Erland Sommarskog
wrote:
>TCorp ( ) writes:
>> Bob is neither dbo nor in the sysadmin role (looking through SSMS). I
>> have tried a few TSQL scripts to find where the login might have hold
>> on the database, but I still cannot find it.
>
>Is Bob an SQL Server login or a Windows login?
Oh, please let me jump in! I promise I won't screw it up.
Well, not too badly.
If I understand rightly, if Bob is a Windows administrator login,
Bob has access unless the SQL Server built-in admin group is deleted.
Did I get it right, Mr. Sommarskog?
Sincerely,
Gene Wirchenko >> Stay informed about: removing database access for login |
|
| Back to top |
|
| |
External
Since: Dec 03, 2010
Posts: 3
|
(Msg. 6) Posted: Fri Dec 10, 2010 10:14 am
Post subject: Re: removing database access for login [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
On Dec 9, 2:34 pm, Erland Sommarskog wrote:
>
> Is Bob an SQL Server login or a Windows login?
>
> --
> Erland Sommarskog, SQL Server MVP, esq... DeleteThis @sommarskog.se
>
> Links for SQL Server Books Online:
> SQL 2008:http://msdn.microsoft.com/en-us/sqlserver/cc514207.aspx
> SQL 2005:http://msdn.microsoft.com/en-us/sqlserver/bb895970.aspx
Erland,
'Bob' is an SQL account so he's not affected by Windows groups. But I
figured out the issue.
Someone had granted read permissions to the guest user on that
database. I did a REVOKE CONNECT FROM GUEST on that database and it
should be ok now.
Thanks for your help! >> Stay informed about: removing database access for login |
|
| Back to top |
|
| |
| Related Topics: | Any valid login can access Enterprise Manager - Hi. When creating a SQL Server2000 login (NT Authen) with read-only rights to user tables in a user database, this very same login can: 1. Login into EM 2. Though cannot change any objects, but can - 1. view all system objects (logins, DTS etc) 3. STO...
How to access multiple databases in SQL2005 with an SQL Lo.. - Hi, Our systems make use of the 'guest' id to access other application databases in SQL2000, without using cross database chaining. We are using SQL Logins. Now in SQL2005 this is proving to be much more difficult. I have enabled the 'guest' id in th...
Setup login account for application developer to access sq.. - Dear all, If i want to setup login account for application developer to access the production sql server and i just want the user can preform any task only in one user database (say ShoppingCarts) what server roles and db roles i need to give to the..
Assigning database level db_owner permission to a SQL Serv.. - Hi friends, I was hoping that somebody out there would be able to help me out with this one. I am trying to assign a database level db_owner role permission to a SQL server level login that I have created. I can easily do this from enterpise manager....
Audit Database Mirroring Login Event Class missing in both.. - Hello, When I attempt to select this audit class in profiler, it is not even listed. When I try to create a trace programatically (i.e. sp_trace_setevent, etc), for this event only (event id = 154 as per BOL), I get the error "'Msg 19053, Level ... |
|
You can post new topics in this forum
You can reply to topics in this forum
You can edit your posts in this forum
You can delete your posts in this forum
You can vote in polls in this forum
|
|
|
|
|
|
|
FAQ
Search
Profile
Private Messages
Log in
