Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Clarification as to why EXECUTE AS USER/LOGIN is not returning the expected results?

Tags:

sql

sql-server

sql-server-2008

ssms

sql-server-2008-r2

I am running the following query against a database:

execute as user = 'domain\username'
select * from fn_my_permissions(null, 'DATABASE')
order by subentity_name, permission_name
revert;

But the following error gets thrown:

Cannot execute as the database principal because the principal "dev\spadmin" does not exist, this type of principal cannot be impersonated, or you do not have permission.

The user is the dbo of the database, and when I open up the properties in management studio, I can see that it is associated with that login. Running EXECUTE AS LOGIN = 'domain\username' does return results, on the other hand. And if I explicitly run EXECUTE AS USER = 'dbo', I get results. I also have a different database where this same scenario returns results with both EXECUTE AS USER and EXECUTE AS LOGIN.

In another scenario with a different user, I have ran EXECUTE AS LOGIN = 'domain\username' and I do not get results, but I do get results with EXECUTE AS USER = 'domain\username'.

Both users in these scenarios are associated with logins that are members of db_owner for the database.

Can anybody tell me why these queries are not returning the results that I expect? And let me know if I am missing any important information. Thanks!

like image 966
athom Avatar asked Oct 23 '12 19:10

athom

People also ask

How do I run SQL as a different user?

Step 1: Press and Hold the Shift Key and Right Click on the SSMS executable or shortcut, you should see the Run as different user option in the context menu. Step 2: Once you click on the Run as different user option the below dialog box will appear.

What is execute as in SQL Server?

When an EXECUTE AS statement is run, the execution context of the session is switched to the specified login or user name. After the context switch, permissions are checked against the login and user security tokens for that account instead of the person calling the EXECUTE AS statement.

What is impersonate permission in SQL Server?

The impersonate permission adds the permissions of one user to another user. One user can concurrently impersonate the permissions of one or more other users. There is no notion of a stack for the impersonate permission. The permission for one user to impersonate another can be granted, revoked, or denied.

1 Answers

The problem is that because the Login domain\username is the dbo of the database, that also means that the name of their corresponding User within that database is dbo and not domain\username.

like image 161
RBarryYoung Avatar answered Sep 28 '22 02:09

RBarryYoung
Sign in to Comment

Related questions

SQL Stairstep Query
When to use float vs decimal
Is there any trick that allows to use Management Studio's (ver. 2008) IntelliSense feature with earlier versions of SQL Server?
TSQL - Disabling Triggers in Transactions
Why is the foreign key part of the primary key in an identifying relationship?
Insert an image in postgresql database
Compare one query with multiple results in PHP
Creating a table using explicit create table statement versus select into
Finding and dealing with duplicate users
Case insensitive index in postgres, handles case sensitive queries?
Structure within staging area of data warehouse
How to apply a SUM operation without grouping the results in SQL?
What does "clustered" mean in "clustered index"? [duplicate]
SQL: tuple comparison
prevent sql injection in oracle "order by" part
Join the same table twice with conditions
SQL : Using GROUP BY and MAX on multiple columns
Error #1044 - Access denied for user 'root'@'localhost' to database 'information_schema' [closed]
What is the right order of insertion/deletion/modification on dataset?
Having clause vs subquery

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!