[dba-SQLServer]Security

Djabarov, Robert Robert.Djabarov at usaa.com
Tue Aug 19 10:18:54 CDT 2003


It appears that he needs sysadmin rights to all but 2 databases for a
specific DBA (-s).  This requirement can only be met but putting those
databases on a different server.

-----Original Message-----
From: Francisco H Tapia [mailto:my.lists at verizon.net] 
Sent: Tuesday, August 19, 2003 10:15 AM
To: dba-sqlserver at databaseadvisors.com
Subject: Re: [dba-SQLServer]Security


you can have a database user who is the *admin* of a database, but he
must not be a member of the administrator's group.  This would give him
rights to only the db's that you would want him to be admin of, but
adding users and deleting users would be a task for either a super admin
or yet a 3rd.

It is also possible to manage new users into the system if you simply
use NT authentication, this way they simply just add the new users to
the new groups and viola they have instant access to the db's they need.

if the dba's are member's of the sysadmin group then they have access to
everything.

-Francisco
http://rcm.netfirms.com

On Tuesday, August 19, 2003 6:56 AM [GMT-8],
Martin Reid <mwp.reid at qub.ac.uk> wrote:

: We have a two DBs whcih contain very sensitive information. We have
: several SQL Server Admins.
:
: Is it possible to have the two DBs locked out to all but specific
: DBAs?
:
: Martin


_______________________________________________
dba-SQLServer mailing list
dba-SQLServer at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-sqlserver
http://www.databaseadvisors.com



More information about the dba-SQLServer mailing list