Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase ««12

Restrinct for insert update and delete from a specific table Expand / Collapse
Author
Message
Posted Thursday, July 25, 2013 2:11 PM


SSChampion

SSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampion

Group: General Forum Members
Last Login: Today @ 11:50 AM
Points: 12,877, Visits: 31,792
another possibility is to create the user with the "right" limited permissions, with the same password as 'sa' currently;

that should be easy to do , since everyone is logging in as SA, anyway, so everyone knows the password as it is.

After that is all set up then rename the 'sa' login, and then rename that new user to be 'sa';

an additional problem of course, if you need to upgrade to 2008, because i seem remember a thread Gail mentioned were in place upgrades fail on renamed sa, i think.


Lowell

--There is no spoon, and there's no default ORDER BY in sql server either.
Actually, Common Sense is so rare, it should be considered a Superpower. --my son
Post #1477732
Posted Thursday, July 25, 2013 2:19 PM


SSCommitted

SSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommitted

Group: General Forum Members
Last Login: Today @ 9:00 AM
Points: 1,595, Visits: 4,585
Lowell (7/25/2013)
another possibility is to create the user with the "right" limited permissions, with the same password as 'sa' currently;

that should be easy to do , since everyone is logging in as SA, anyway, so everyone knows the password as it is.

After that is all set up then rename the 'sa' login, and then rename that new user to be 'sa';

an additional problem of course, if you need to upgrade to 2008, because i seem remember a thread Gail mentioned were in place upgrades fail on renamed sa, i think.

It is possible to drop the 'SA' account and re-create with limited permissions. In the past there have been BI / EF developers who insisted on having the 'SA' password. So, I gave them one, only with nothing but reader/writer access... and never heard a complaint back. Honestly most of these guys don't really know what they're asking for and wouldn't know the difference.

However, in this specific case, it sounds like the users arn't logging in as 'SA', they are logging in as themselves and have been granted membership in SYSADMIN server role at some point in past.
Post #1477738
Posted Thursday, July 25, 2013 3:17 PM


SSChampion

SSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampion

Group: General Forum Members
Last Login: Today @ 2:32 PM
Points: 13,067, Visits: 11,903
Zeal-DBA (7/25/2013)
hi Sean,
please find attached image , as i have written trigger, after executing it prints message what i have mentioned in code but it is allowing to insert record as well. how to restrict


It would be far better if you could post the code instead of a screen shot. The reason here is because you did not create this as an INSTEAD OF trigger. Replace the word FOR with INSTEAD OF.

Then you should read up on how triggers work.

http://msdn.microsoft.com/en-us/library/ms189799.aspx



_______________________________________________________________

Need help? Help us help you.

Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.

Need to split a string? Try Jeff Moden's splitter.

Cross Tabs and Pivots, Part 1 – Converting Rows to Columns
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs
Understanding and Using APPLY (Part 1)
Understanding and Using APPLY (Part 2)
Post #1477758
« Prev Topic | Next Topic »

Add to briefcase ««12

Permissions Expand / Collapse