December 19, 2007 at 9:34 am
Hi everyone.
I would like to know how to create a user with only read permissions.
Like i said, i'm very very new to this and i'm using the sql sever management Studio.
I tried to create the user under the Login branch, but i'm a little confused about rolls and user mapping.
What i need is a user with a pass that will be used for a remote site to access the sql server.
This user must only have read permissions and just on a specific database.
Can anyone, please!, help me?
Thank you very very much!
Ricardo!
December 19, 2007 at 9:39 am
Does the user need to read all tables?
A login is a server level security object that maps to a user in a database. So you need to create a user in the database and map it to the login.
Now, don't assign rights to the user. This almost always causes issues later on. If the user can read all tables, assign them to the datareader role. If not, create a role, under the permissions you could grant SELECT to all the tables they need to read. SELECT is a read permission. Then assign the user to the role.
INSERT, UPDATE, DELETE permissions are changing (write) permissions.
EXECUTE allows you to run functions or stored procedures. Since these could be read only or read/write, you'd want to know what the function or stored procedure did before granting this right.
December 19, 2007 at 11:12 am
Thank you Mr Steve. I will try that in a few seconds!!! thank you!!
December 19, 2007 at 11:16 am
Hello once more.
So i should create a login, lets say ReadUser and then assign a role of databasereader.
right?
I went to the server, then Security and then new login.
Is this right?
Inside the login properties, on User Mapping i have all databases i have available and below that a field saying "Database role membership for: " and the database i choose on the upper field.
Should i assign the user ReadUser to the database itshould read from and on the role chose db_datareader?
Wouldnt this affect ALL users ?
Ricardo
Viewing 4 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply