Mike Hinds (9/9/2010)
What we finally did was:[font="Courier"]EXEC sp_msForEachTable 'DENY SELECT ON ? TO [TheUser]'
GO
GRANT SELECT ON [dbo].[AllowedTable] TO [TheUser]
GO[/font]
For anyone considering this, sp_msForEachTable is "non-supported".
But what happens when you add another table in the future and haven't removed the user from whatever group has given him access? The user will then have access to the new table, no?
Rich