November 18, 2002 at 11:53 am
I created a user that has access to a single database on a server. But when I register the Sql server using that account he can see all databses on the server. Yes, he can only access the one I allowed but how can I prevent him from seeing the names of the other databases?
TIA,
Bill
November 18, 2002 at 12:29 pm
You can't without locking down sysdatabases. However, if you lock down sysdatabases you can break ODBC, Access, and anything else that issues a query against sysdatabases (more than you might think). Also, even with sysdatabases locked down, I found that the first time I tried to expand databases, it didn't show anything, but if I chose to refresh, all the databases somehow listed anyway. This was with a non-privileged account.
If anyone has any good ideas on how to successfully lock this down, I'm all ears as well.
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1
K. Brian Kelley
@kbriankelley
November 18, 2002 at 5:30 pm
Got this reply....
Bill - this is how the current tools work, the only workaround at the
moment is to roll your own UI and conceal the other databases 🙁
Microsoft SQL Server Development Team
Redmond, WA
November 19, 2002 at 2:56 am
I'm not surprised. Too many things break when you lock down sysdatabases. Which begs the question, why does the public role need access to file path locations in the first place?!?
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1
K. Brian Kelley
@kbriankelley
Viewing 4 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply