GRANT syntax for domain\user

I'm trying to give access to an active directory user to only one specific table. I want them to be able to insert, update, delete, etc. but only for that table. I know this command:

GRANT Insert, Select on Tablename to user 

But I can't figure out how to get "domain\user" to work syntax-wise. I tried:

GRANT Insert, Select on Tablename to domain\user 

But I get:

Msg 102, Level 15, State 1
Incorrect syntax near '\'.

bvankampen asked Jan 03 '14 16:01



2 Answers

Assuming you have created a user in this database associated with the AD login, e.g.

CREATE LOGIN [domain\user] FROM WINDOWS;
GO
USE your_database;
GO
CREATE USER [domain\user] FROM LOGIN [domain\user];
GO

Then you merely have to follow the same syntax. Because \ is not a standard character for an identifier, you need to escape the name with [square brackets]:

GRANT SELECT, INSERT, UPDATE, DELETE ON dbo.Tablename TO [domain\user]; 
Aaron Bertrand answered Sep 28 '22 02:09


It is a good practice to create a role and add users to that role. Then grant permissions to that role.

USE database_name
GO

-- 1) Create role
CREATE ROLE role_name
GO

-- 2) Create user
IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = N'domain\user')
BEGIN
    CREATE USER [domain\user] FOR LOGIN [domain\user]
END;
GO

-- 3) Add user to the role
ALTER ROLE [role_name] ADD MEMBER [domain\user]
GO

-- 4) Grant permissions to the role
GRANT SELECT, INSERT, UPDATE, DELETE ON dbo.Tablename TO [role_name];
rjose answered Sep 28 '22 02:09
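
A way to check the result of either answer above, as an added example that is not part of the original answers: it lists the explicit grants on the table, shows role membership, then impersonates the user to confirm the effective permissions stop at that one table. `your_database`, `dbo.Tablename` and `domain\user` are the placeholders used in the answers; `dbo.OtherTable` is a hypothetical second table used only as a negative check.

```sql
USE your_database;
GO

-- 1) Explicit permissions recorded on the table, and who holds them.
SELECT pr.name       AS grantee,
       pr.type_desc  AS grantee_type,
       pe.permission_name,
       pe.state_desc                 -- GRANT, DENY or GRANT_WITH_GRANT_OPTION
FROM sys.database_permissions AS pe
JOIN sys.database_principals  AS pr
  ON pr.principal_id = pe.grantee_principal_id
WHERE pe.class = 1                   -- object or column
  AND pe.major_id = OBJECT_ID(N'dbo.Tablename')
ORDER BY pr.name, pe.permission_name;

-- 2) Roles the user belongs to (relevant to the role-based variant).
SELECT r.name AS role_name, m.name AS member_name
FROM sys.database_role_members AS rm
JOIN sys.database_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.database_principals AS m ON m.principal_id = rm.member_principal_id
WHERE m.name = N'domain\user';

-- 3) Effective permissions as the user sees them (direct grants plus roles).
EXECUTE AS USER = N'domain\user';

-- Rows carrying a column name in subentity_name are per-column permissions.
SELECT subentity_name, permission_name
FROM sys.fn_my_permissions(N'dbo.Tablename', N'OBJECT')
ORDER BY subentity_name, permission_name;

-- Positive check on the target table, negative check on the hypothetical
-- dbo.OtherTable: the first should be 1, the second anything but 1.
SELECT HAS_PERMS_BY_NAME(N'dbo.Tablename',  N'OBJECT', N'DELETE') AS can_delete_target,
       HAS_PERMS_BY_NAME(N'dbo.OtherTable', N'OBJECT', N'SELECT') AS can_select_other;

REVERT;   -- return to your own security context
GO
```

Running step 3 requires IMPERSONATE permission on the user (members of db_owner and sysadmin have it implicitly).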