Ok, folks, I got one for you. I want to allow a user to make schema changes to
tables in a database that are owned by dbo. However, I do not want this user to
do anything beyond that, such as add roles or change permissions on objects,
etc. It appears that the db_ddladmin fixed database role only allows the user to
create, delete, and alter objects owned by themselves. And, the only way to get
what I want is to add the user to the db_owner fixed database role. Not really
what I had in mind. Am I missing something here? Can anybody give me any
direction on this?
Thanks in advance. You guys rock!
Darrell
db_ddladmin can alter and drop object owned by others.
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
http://www.sqlug.se/
"Darrell" <Darrell.Wright.nospam@.okc.gov> wrote in message
news:eLeP7MhNFHA.568@.TK2MSFTNGP09.phx.gbl...
> Ok, folks, I got one for you. I want to allow a user to make schema changes to tables in a
> database that are owned by dbo. However, I do not want this user to do anything beyond that, such
> as add roles or change permissions on objects, etc. It appears that the db_ddladmin fixed database
> role only allows the user to create, delete, and alter objects owned by themselves. And, the only
> way to get what I want is to add the user to the db_owner fixed database role. Not really what I
> had in mind. Am I missing something here? Can anybody give me any direction on this?
> Thanks in advance. You guys rock!
> Darrell
|||db_ddladmin is able to modify all tables in the database. Use Query Analyzer
to alter tables instead of Enterprise Manager if you don't want to see those
warning messages.
"Darrell" wrote:
> Ok, folks, I got one for you. I want to allow a user to make schema changes to
> tables in a database that are owned by dbo. However, I do not want this user to
> do anything beyond that, such as add roles or change permissions on objects,
> etc. It appears that the db_ddladmin fixed database role only allows the user to
> create, delete, and alter objects owned by themselves. And, the only way to get
> what I want is to add the user to the db_owner fixed database role. Not really
> what I had in mind. Am I missing something here? Can anybody give me any
> direction on this?
> Thanks in advance. You guys rock!
> Darrell
>
|||Jack wrote:
> db_ddladmin is able to modify all tables in the database. Use Query Analyzer
> to alter tables instead of Enterprise Manager if you don't want to see those
> warning messages.
> "Darrell" wrote:
>
Thanks to both of you for the responses. I like the Query Analyzer suggestion,
however, I have a bunch of GUI-loving developers that probably couldn't spell
T-SQL. But I digress...
A follow-up question, then, is can they make changes to the tables in the
database diagrammer and those changes will be saved back to the tables?
Thanks again.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment