May 22, 2018 at 8:55 pm
I granted DB Reader, DB Writer and DDL_Admin to a contractor.
I haven't really seen the issue; but, I received an email saying she cannot design table through SSMS; but, she can execute CREATE / DROP table.
Is there a special privilege that I need to grant to allow her to use Design table through SSMS?
Thank you.
May 22, 2018 at 9:16 pm
can she really not do it or does she just get a warning stating she may not be able to do it? similar to https://sqlstudies.com/2014/07/10/db_ddladmin-and-the-ssms-table-designer/
or does she get a message stating "Saving changes is not permitted. The changes you have made require that the following tables to dropped and recreate. You have either made changes to the table that can't be recreate or enable the option prevent saving changes that require the tables to be recreate".
and why use designer? a lot faster to do it through ddl.
May 23, 2018 at 7:50 am
whoamisoon - Tuesday, May 22, 2018 8:55 PMI granted DB Reader, DB Writer and DDL_Admin to a contractor.
I haven't really seen the issue; but, I received an email saying she cannot design table through SSMS; but, she can execute CREATE / DROP table.
Is there a special privilege that I need to grant to allow her to use Design table through SSMS?
Thank you.
If a contractor is doing work for a client, they really should be providing you with scripts of what they are doing. And should know how to do these things using t-sql. I'd be concerned that they wouldn't know some of the ramifications of using that table designer in SSMS.
I would likely not change permissions as it sounds like she does have the needed permissions.
Sue
May 25, 2018 at 10:32 am
frederico_fonseca - Tuesday, May 22, 2018 9:16 PMcan she really not do it or does she just get a warning stating she may not be able to do it? similar to https://sqlstudies.com/2014/07/10/db_ddladmin-and-the-ssms-table-designer/
or does she get a message stating "Saving changes is not permitted. The changes you have made require that the following tables to dropped and recreate. You have either made changes to the table that can't be recreate or enable the option prevent saving changes that require the tables to be recreate".and why use designer? a lot faster to do it through ddl.
I don't know why she's not using DDL; I have asked the same question and the PM simply just looks at me like I'm crazy for asking that.
Edit:
She is getting "You are not logged on as the database owner or system administrator. You might not be able to save changes to tables that you do not own" when she opens the Design. She stopped there and sends out the email to PM and myself.
When I spoke to her, and told her to proceed and save, she received another warning, but eventually allows her to save.
May 25, 2018 at 10:35 am
Sue_H - Wednesday, May 23, 2018 7:50 AMIf a contractor is doing work for a client, they really should be providing you with scripts of what they are doing. And should know how to do these things using t-sql. I'd be concerned that they wouldn't know some of the ramifications of using that table designer in SSMS.
I would likely not change permissions as it sounds like she does have the needed permissions.Sue
We have a location for them to develop in (backup) vs developing on their desktop (no backup).
I think so too; but, I'm not the PM nor the manager for that department.
Thank you for the feedback.
May 25, 2018 at 10:41 am
whoamisoon - Friday, May 25, 2018 10:35 AMSue_H - Wednesday, May 23, 2018 7:50 AMIf a contractor is doing work for a client, they really should be providing you with scripts of what they are doing. And should know how to do these things using t-sql. I'd be concerned that they wouldn't know some of the ramifications of using that table designer in SSMS.
I would likely not change permissions as it sounds like she does have the needed permissions.Sue
We have a location for them to develop in vs developing on their systems.
I think so too; but, I'm not the PM nor the manager for that department.
Thank you for the feedback.
You are certainly in a bad spot. I'd try to dig my heels in a bit just based on the premise that she does have the permissions to do the work, you need to see scripts (not screenshots..) of anything going into production, that type of thing. You might also want to involve your manager if you think it would help.
Sue
May 25, 2018 at 11:40 am
Good to know it was my expected "error".
It is a pain for those that don't know better - but in terms of security this is how it should be done and she only has the following options
- use T-sql - faster and less prone to "defaults" errors. Does require that she knows what she is doing!!!
- use visual studio - slower and quite annoying
- bear with the popup and do it on SSMS
- complain to microsoft and force them to fix SSMS (as if)
And I hope anything she does goes through a QA process and also following your company SQL standards.. you do have them don't you?
May 29, 2018 at 10:11 pm
Let her design on her own local db. Then give you the code to script the table (DDL). You need this for deployment anyway, so just tell the PM that the DDL is needed to get this to production. If they can't understand that, neither of them really should continue working in their roles.
Viewing 8 posts - 1 through 7 (of 7 total)
You must be logged in to reply to this topic. Login to reply