Create LOGIN [VendorAccess] WITH PASSWORD='NotTheRealPassword'USE [WHATEVER]Create USER [VendorAccess] FOR LOGIN [VendorAccess] CREATE ROLE [AlmostOwners] EXEC sp_addrolemember N'db_ddladmin', N'AlmostOwners'EXEC sp_addrolemember N'db_datareader', N'AlmostOwners'EXEC sp_addrolemember N'db_datawriter', N'AlmostOwners'--can the users EXECUTE procedures? comment out if falseGRANT EXECUTE TO [AlmostOwners]--allow the users to see view proc and function definitionsGrant View Definition ON SCHEMA::[dbo] To [AlmostOwners]--finally add our user to the role:EXEC sp_addrolemember N'AlmostOwners', N'VendorAccess'
DENY VIEW ANY DATABASE TO [TheNewLogin];
USE [DatabaseName];
