Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Granting Full SQL Server Permissions for a Database

Tags:

sql-server

permissions

roles

How can I give a user (who was created WITHOUT LOGIN) full control over a contained database without having to specify that database's name, like GRANT CONTROL ON DATABASE::DatabaseName TO UserName, but without using a database name? I figure it'll include GRANT ALTER ANY SCHEMA TO UserName, but I'm not sure what else I'd need to grant, or if there's a better way. Thanks.

like image 883
uncaged Avatar asked Nov 28 '18 19:11

uncaged

2 Answers

If you literally want them to be able to do anything in that database, you can just add them to the db_owner role:

USE ContainedDatabase;
GO
ALTER ROLE db_owner ADD MEMBER [username];

If you want to be more granular, you can add them to lesser roles, like db_ddladmin, db_securityadmin, etc. You can see the list of built-in roles here:

  • Database-Level Roles

The permissions inherent in each of those roles:

  • Permissions of Fixed Database Roles

And if those don't suit, you can create your own roles, add your user to that role, and grant specific permissions to that role you created (and/or add them to other roles). The difference between applying the permissions to the role instead of directly to the user is simply reuse - if you add five more users that you want to apply the same permissions, you just add them to the custom role, rather than apply those granular permissions or roles to all 5 of the users.

like image 197
Aaron Bertrand Avatar answered Sep 19 '22 12:09

Aaron Bertrand
  1. Open SQL Server Management Studio and connect to your server.
  2. In the Object Explorer, expand the "Security" folder under the server.
  3. Right click on the "Logins" folder and choose "New Login..."
  4. Add the users name in the format "Domain\UserName". You can also add domain groups by just changing it to "Domain\GroupName". 5.If you would like this user to have full access to the SQL Server instance, you can choose the "Server Roles" tab. Adding the role "sysadmin" will give them full access to the server to do actions like update the database, backup the database, delete the database.

  5. Click ok and your user will be created and have access to your database.

  6. Choose the "User Mapping" tab. In the top half of this screen, check the box next to the database name. Once you highlight the database and check the box to map the user to it, you can add role memberships to the user. For access to the database.

  7. Click ok and your user will be created and have access to your database.
like image 44
Anusha Subashini Avatar answered Sep 20 '22 12:09

Anusha Subashini
Sign in to Comment

Related questions

Hiding databases for a login on Microsoft Sql Server 2008R2 and above [closed]
Stored Procedure to Insert Data from one table to another with same column names
How can I assign a number to each row in a table representing the record number?
set xact_abort on and try catch together
text/xmldecl not at the beginning of input
How to use DataAdapter with SqlTransaction in C#?
How do you import UTF-8 flat files into SQL Server 2008 R2?
splitting a datetime column into year, month and week
Adding filter on the right side table on Left outer joins
select NULL and false but not true in sql
CDC is enabled, but cdc.dbo<table-name>_CT table is not being populated
Calling a SOAP webservice from TSQL stored procedure
query to extract random rows from a table
Hibernate with Sql Server fail for nvarchar field with "No Dialect mapping..."
How to tell if a SQL Database has QUERY_STORE enabled?
Keyboard shortcut to switch to result tab in SSMS
Create sql indexes for complex filtering
SQL Server : removing duplicate column while joining tables
The SQL Server instance returned an invalid or unsupported protocol version during login negotiation
Pandas: how to convert a column with missing values to string?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!