piliki (4/14/2013)
waiting for best answers!!!!
the example i provided actually works; so you will have to provide the specific details of whatever you did.
a user does nto have any more rights that you give them...so you need to check what groups your user actually belongs to, because other dBA's could have assigned additional permissions, or someone got lazy and made the user a sysadmin to avoid permissions headaches.
it's trivial to test something like this as well:
--impersonate utest user - or open new window and log on as test login
execute as user='utest'
go
--check security context
print user_name()
--check your view ability to select
select * from msdb.dbo.all_mailitems
--revert to original scope/superuser
revert
Lowell