RE: First SQL Database – SQLServerCentral

SSC Guru

Points: 172995

March 9, 2009 at 8:07 am

One thing not previously mentioned, which happens in our environment all the time. If you have procs constantly added to the database which the client needs to use and this database is soley dedicated to this one purpose alone, then you can grant execute on the Schema instead of granting execute on individual procs.

WARNING: Re-read the above caveats before using this code! It can create security issues if you grant it on the wrong database or grant it without knowing the consequences!

Grant Execute on Schema::dbo to [MySQLLogin];

Of course "dbo" would be replaced with the schema name and if you're using a windows login, chances are "MYSQLLogin" would be changed to "MyDomain\MyLogin".

The great thing about this, if you have a dedicated environment, is you're not constantly running back and forth to grant permissions on new procs. On the other hand, as I said above, this can open up a whole can of security worms if you're not careful when and where you use it.

Brandie Tarvin, MCITP Database AdministratorLiveJournal Blog: http://brandietarvin.livejournal.com/[/url]On LinkedIn!, Google+, and Twitter.Freelance Writer: ShadowrunLatchkeys: Nevermore, Latchkeys: The Bootleg War, and Latchkeys: Roscoes in the Night are now available on Nook and Kindle.