We have several databases on SQL server. We would like to create 1 new user that can see database 'c' but can not see the rest of the databases.
This user should only be able to select from this database, and nothing else.
I have been googleing and searching for a while now, and the closest I found was to deny view any database, and then make them the database owner.
But I don't think that will work for limiting them to select, unless is there a way I can deny everything except for select on a database owner?
Thanks in advance for any help!
Edit: SQL Server 2008 R2, by the way.
Edit2: Sorry, I was not clear in my original post. I am looking to make it so when they log in they won't even see the names of other databases, not just that they can't access them.
Thanks.
1) Create the user on the server
2) Add the user to the given database
3) Grant read-only access to the database
USE [master]
CREATE LOGIN [SomeUserName] WITH PASSWORD=N'someStr0ngP@ssword', DEFAULT_DATABASE=[c], DEFAULT_LANGUAGE=[us_english], CHECK_EXPIRATION=ON, CHECK_POLICY=ON
GO
USE [c]
CREATE USER [SomeUserName] FOR LOGIN [SomeUserName] WITH DEFAULT_SCHEMA=[dbo]
GO
EXEC sp_addrolemember N'db_datareader', N'SomeUserName'
deny is the default behavior when it comes to permission so if you create a user and add it to the db_datareader role on the necessary db, that's the only permission it will have. It wont be able to access the other databases
EDIT:
use [master]
GO
DENY VIEW ANY DATABASE TO [login]
GO
use [master]
GO
DENY VIEW SERVER STATE TO [login]
GO
that will remove the login's abbility to view the databases. Then go to the one you WANT him to see and make him owner of that DB
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With