May 11, 2010 at 12:47 pm
Hi this may be something very simple and overlooked by me but I cannot figure out or understand why.
When I add a nt or sql id to the server role ( security admin role) it allows me to add id's but when I try to grant access to a dbase I receive an error (user does not have permissions to perform this operation).
The only way I can get around it is by adding the id to the sysadmin role.
I do not think it is a policy management restriction but admittedly I am new to sql2008.
I am running sql2008 ent ed sp1
What am I missing ?
May 11, 2010 at 1:21 pm
Are you just granting the ability to connect to the database or are you also assigning them to a role further down?
K. Brian Kelley
@kbriankelley
May 11, 2010 at 1:24 pm
I am trying to assign access to the dbase for ex. db_datareader
May 11, 2010 at 1:34 pm
The securityadmin fixed server role only has the ability to grant permissions at the database level, which roughly corresponds to CONNECT DATABASE and the like. Assigning users to roles is not within the permissions of the securityadmin role (and it wasn't in previous versions). If you also make the login a member of the db_securityadmin within each database that needs to be managed, then that will work, as that fixed database role has the correct permissions to manage role membership within the database.
K. Brian Kelley
@kbriankelley
May 11, 2010 at 1:39 pm
I tried that once and just tried again and it does not work ?
May 11, 2010 at 7:07 pm
What was tried?
K. Brian Kelley
@kbriankelley
Viewing 6 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply