SQL rights question
- I am working with an app written in VB and accessing SQL DBs. The app processes info into the DB from handhelds. My problem is that currently we have to give the user SYSADMIN rights in the SQL server to get the data to process. I have tried giving all rights at the DB level (except the 2 deny rights) to our live DB and the master, model, pubs, and tempdb. I do not want to have to give sysadmin rights to users to run this app because there are other DBs on the system that should be secure. Any help is appreciated.
-
I would start by defining exactly what permissions the application needs on the database. To do this, you may have to get a few heads together as you will need to know how the application is getting at the data. Is it using all stored procedures, embedded SQL code in the VB code, etc. You can then create a user and grant select, update, delete , execute rights to the tables/stored procedures as needed. Do you have a test environment? If you do, you may need to take some time to get your permissions set up and have the application regeression tested.
You say that you currently 'have to' give the user SYSADMIN rights. What happens if they do not have sysadmin rights?
-
This is the third time I have tried to post this, so I apologize if it is a duplicate. I am not the programmer that wrote this app but I am told that it uses stored procedures. I am not a programmer so I am not sure how to answer some of this but I do have a test environment. I appreciate your response but also need some guidance on how to proceed. Thanks.
Viewing 3 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply