Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Minimum privileges


Minimum privileges

Author
Message
asdsfssd
asdsfssd
Forum Newbie
Forum Newbie (6 reputation)Forum Newbie (6 reputation)Forum Newbie (6 reputation)Forum Newbie (6 reputation)Forum Newbie (6 reputation)Forum Newbie (6 reputation)Forum Newbie (6 reputation)Forum Newbie (6 reputation)

Group: General Forum Members
Points: 6 Visits: 29
SQL2000

What are the minimum privileges / permissions / database roles needed to grant a user (besides granting sysadmin) to:
1) Create and run DTS packages.
2) Create, run and review job history.

For #1: I am guessing DB_DATAREADER and DB_DATAWRITER to MSDB??
For #2: I'm not sure about granting MASTER db.

What is the minimum I should grant?

Thanks.
peterjonk
peterjonk
SSC Rookie
SSC Rookie (41 reputation)SSC Rookie (41 reputation)SSC Rookie (41 reputation)SSC Rookie (41 reputation)SSC Rookie (41 reputation)SSC Rookie (41 reputation)SSC Rookie (41 reputation)SSC Rookie (41 reputation)

Group: General Forum Members
Points: 41 Visits: 611
Always use the fixed roles of MSDB instead of granting permissions directly.
I believe for job controlling from the SQL Agent you need sysadmin permissions.

Oops I see I am in the SQL 2000 forum. These roles didn't exists back then.

__________________
MS-SQL / SSIS / SSRS junkie
Visit my blog at dba60k.net
Jeff Moden
Jeff Moden
SSC-Forever
SSC-Forever (45K reputation)SSC-Forever (45K reputation)SSC-Forever (45K reputation)SSC-Forever (45K reputation)SSC-Forever (45K reputation)SSC-Forever (45K reputation)SSC-Forever (45K reputation)SSC-Forever (45K reputation)

Group: General Forum Members
Points: 45127 Visits: 39923
asdsfssd (6/11/2013)
SQL2000

What are the minimum privileges / permissions / database roles needed to grant a user (besides granting sysadmin) to:
1) Create and run DTS packages.
2) Create, run and review job history.

For #1: I am guessing DB_DATAREADER and DB_DATAWRITER to MSDB??
For #2: I'm not sure about granting MASTER db.

What is the minimum I should grant?

Thanks.


I'm pretty sure that, in SQL Server 2000, only SA privs will fit the bill here.

--Jeff Moden

RBAR is pronounced ree-bar and is a Modenism for Row-By-Agonizing-Row.
First step towards the paradigm shift of writing Set Based code:
Stop thinking about what you want to do to a row... think, instead, of what you want to do to a column.
Although they tell us that they want it real bad, our primary goal is to ensure that we dont actually give it to them that way.
Although change is inevitable, change for the better is not.
Just because you can do something in PowerShell, doesnt mean you should. Wink

Helpful Links:
How to post code problems
How to post performance problems
Forum FAQs
Steve Jones
Steve Jones
SSC-Dedicated
SSC-Dedicated (36K reputation)SSC-Dedicated (36K reputation)SSC-Dedicated (36K reputation)SSC-Dedicated (36K reputation)SSC-Dedicated (36K reputation)SSC-Dedicated (36K reputation)SSC-Dedicated (36K reputation)SSC-Dedicated (36K reputation)

Group: Administrators
Points: 36148 Visits: 18751
I think, searching memory here, that you could get SELECT privileges to the job tables and grant them. However that might mean the person could only query.

As far as DTS, I'm not sure you can allow packages to be saved from the designers without SA. Maybe you could try creating a role in msdb and assigning permissions to syspackages and see. I don't have an instance to test, but I would start there. The permissions structure was more manipulable in earlier versions, but I'm not sure if it was 2000 that hardened this, or 2005.

However, Jeff might be right here. There were few fine grained controls in 2000.

Follow me on Twitter: @way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search