RBarryYoung (9/7/2012)

---

opc.three (9/7/2012)

---

na1774 (9/7/2012)

---

So accoriding to the above logic. I have to Deny View Any DB first. THen make the login owner of the DB. Then it will be not be able to access all the DBs but it will be able to view the DB that it is the part of? Right?

If they have permission to access another database those permissions will not be affected by the DENY VIEW ANY DATABASE. i.e. if a login is denied VIEW ANY DATABASE but is mapped into a database and has SELECT permissions on table dbo.SomeTable that login can still execute:

...

Unfortunately, the OP is trying to get SSMS working for this user. In that case this issue is becomes more about the combination of limitations between what SQL Server allows, and what SSMS requires in order to function well. In particular, there is no way that I know of to get the SSMS Explorer pane's treeview to work inside of a database (showing/expanding its Tables and other objects), if it cannot browse to it from the Server level. Which it cannot unless the user has VIEW ANY DATABASE (effectively) or is the Owner of the database.

(I've gone through this before myself. Its a real pain in the neck...)