Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Create Custom SQL Server Role in SQL 2008 Server

I want to add new custom SQL Server Role and assign the new users to these appropriate roles respectively. I try to find how to create role, but I could not find the place to add that. Could you please guide me how to achieve my requirement?

like image 259
TTCG Avatar asked Jun 02 '11 09:06

TTCG


People also ask

How can create custom database role in SQL Server?

In Object Explorer, expand the server where you want to create the new server role. Expand the Security folder. Right-click the Server Roles folder and select New Server Role.... In the New Server Role -server_role_name dialog box, on the General page, enter a name for the new server role in the Server role name box.

How do you create a new role in a database?

Use the CREATE ROLE statement to create a role, which is a set of privileges that can be granted to users or to other roles. You can use roles to administer database privileges. You can add privileges to a role and then grant the role to a user.

How do I grant a Dbcreator role in SQL Server?

In the Login screen from the menu on the left, select Select a Page > Server Roles. Select dbcreator and click OK.

How do you assign a role to a server?

Right-click the role you want to edit and select Properties. In the Server Role Properties -server_role_name dialog box, on the Members page, click Add. In the Select Server Login or Role dialog box, under Enter the object names to select (examples), enter the login or server role to add to this server role.


2 Answers

You cannot do this in the 2008 version just yet - this is a new feature that you'll get with SQL Server 2011 (a.k.a. "Denali") sometime in 2011/2012.

See some resources:

  • Create your own fixed server roles
  • Custom server roles in SQL Server Denali
  • Add your OWN server role in Denali
like image 91
marc_s Avatar answered Sep 29 '22 12:09

marc_s


You'd simply GRANT the rights you want to a login rather than a role pre SQL Server 2011. Not ideal of course but it works.

We use this to enable app teams to see what is going on without hassling the DBAs.

For example,

CREATE LOGIN [MyDOmain\FolkITrustGroup] FROM WINDOWS;
GO
GRANT VIEW SERVER STATE TO  [MyDOmain\FolkITrustGroup]
GRANT VIEW ANY DEFINITION TO  [MyDOmain\FolkITrustGroup]
GO

Edit: This achieves your requirement without using server roles which don't exist yet...

like image 28
gbn Avatar answered Sep 29 '22 11:09

gbn