RE: Create user with the following permissions

sjaiswal00

SSC Veteran

Points: 226

August 27, 2010 at 1:45 pm

#1213231

[font="Times New Roman"]If we provide

grant alter on schema ::dbo TO user1

then user1 will also be able to drop the tables.

... So then you DENY CONTROL on OBJECT::Table1 to user1 ... User1 is now prevented from dropping Table1

... But User1 can't even select from Table1 anymore. Since DENY is higher precedence than GRANT, you are unable to even GRANT SELECT on object::Table1 to User1[/font]