Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

Sp_adduser Expand / Collapse
Author
Message
Posted Wednesday, December 24, 2008 4:07 AM
Grasshopper

GrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopper

Group: General Forum Members
Last Login: Wednesday, December 31, 2008 4:17 AM
Points: 12, Visits: 72
HI all,

I have the permissions of db_owner,db_accessadmin and db_securityadmin and I tried to create a user with sp_adduser but iam getting the following error:

"User 'xxx" doesnt have permissions to run DBCC audit Event."

Can any one help me in it?

Regards
MAnjula
Post #625274
Posted Wednesday, December 24, 2008 10:58 AM
SSCarpal Tunnel

SSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal Tunnel

Group: General Forum Members
Last Login: 2 days ago @ 6:27 PM
Points: 4,064, Visits: 5,327
In SQL 2000, only dbo (not just member of db_owner) and members of sysadmin can execute sp_adduser. Try using sp_grantdbaccess instead.

Greg
Post #625509
Posted Wednesday, December 24, 2008 12:20 PM
Grasshopper

GrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopper

Group: General Forum Members
Last Login: Wednesday, December 31, 2008 4:17 AM
Points: 12, Visits: 72
Hi ,
Thanks.I got it.
Ihave another doubt.Is segregation of duties possible in sql2000/sql 2005.
like all dba tasks separate and security admin tasks separate.
Kindly provide me answer for this.

Thanks in advance
MAnjula

Post #625539
Posted Monday, December 29, 2008 12:26 PM
SSCarpal Tunnel

SSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal Tunnel

Group: General Forum Members
Last Login: 2 days ago @ 6:27 PM
Points: 4,064, Visits: 5,327
It depends on your definition of "dba tasks". The DBAs in my organization are members of the sysadmin server role and we don't farm out administrative duties to non-DBAs.

If you look at the definition of the securityadmin server role in BOL, you see that it can only GRANT, DENY, and REVOKE server-level permissions and database-level permissions.


Greg
Post #626758
Posted Tuesday, December 30, 2008 1:32 AM
Grasshopper

GrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopper

Group: General Forum Members
Last Login: Wednesday, December 31, 2008 4:17 AM
Points: 12, Visits: 72
Thanks Greg.But DBA who is having Sysadmin role will have the Security Priviliges like GRANT,REVOKE & DENY also.So our company wants to separte the tasks. Is it possible to have alternative roles to perform DBA tasks instead of Sysadmin role. correct me if am wrong.

Post #627116
Posted Tuesday, December 30, 2008 9:27 AM
SSCarpal Tunnel

SSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal TunnelSSCarpal Tunnel

Group: General Forum Members
Last Login: 2 days ago @ 6:27 PM
Points: 4,064, Visits: 5,327
You probably should read about the privileges of the various fixed server roles and fixed database roles in BOL. You can't create custom server roles, but you can create your own database roles, so you may be able to separate duties somewhat.

Greg
Post #627432
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse