Djabarov, Robert
Robert.Djabarov at usaa.com
Tue Aug 19 10:18:54 CDT 2003
It appears that he needs sysadmin rights to all but 2 databases for a specific DBA (-s). This requirement can only be met but putting those databases on a different server. -----Original Message----- From: Francisco H Tapia [mailto:my.lists at verizon.net] Sent: Tuesday, August 19, 2003 10:15 AM To: dba-sqlserver at databaseadvisors.com Subject: Re: [dba-SQLServer]Security you can have a database user who is the *admin* of a database, but he must not be a member of the administrator's group. This would give him rights to only the db's that you would want him to be admin of, but adding users and deleting users would be a task for either a super admin or yet a 3rd. It is also possible to manage new users into the system if you simply use NT authentication, this way they simply just add the new users to the new groups and viola they have instant access to the db's they need. if the dba's are member's of the sysadmin group then they have access to everything. -Francisco http://rcm.netfirms.com On Tuesday, August 19, 2003 6:56 AM [GMT-8], Martin Reid <mwp.reid at qub.ac.uk> wrote: : We have a two DBs whcih contain very sensitive information. We have : several SQL Server Admins. : : Is it possible to have the two DBs locked out to all but specific : DBAs? : : Martin _______________________________________________ dba-SQLServer mailing list dba-SQLServer at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-sqlserver http://www.databaseadvisors.com