[英]Granting limited permissions to a user on SQL Server 2008
How can you give rights to a user on particular Databases so he can perform every action on those databases including backup and restore. 您如何授予用户特定数据库的权限,以便用户可以对那些数据库执行所有操作,包括备份和还原。 But this user should not be able to access some other Databases on server.
但是该用户不应能够访问服务器上的其他一些数据库。 And this user should also have the rights to create new database on server, to create/alter linked server and also create/alter a job in job agent.
并且该用户还应该有权在服务器上创建新数据库,创建/更改链接服务器以及在作业代理中创建/更改作业。
What permissions and server roles should I assign to acheive all above? 我应该为以上所有任务分配哪些权限和服务器角色? Actually if I assign this user a server role Sysadmin then he can create/alter linked server and SQL jobs but at the same time he can access all databases on server and that I do not desire.
实际上,如果我为该用户分配服务器角色Sysadmin,则他可以创建/更改链接的服务器和SQL作业,但是同时他可以访问服务器上的所有数据库,而我不希望这样做。
Any help would be appreciated! 任何帮助,将不胜感激!
Thanks! 谢谢!
It looks like you want the permissions below. 看来您需要以下权限。 You should probably review the links provided to make sure that it's what you need.
您可能应该查看提供的链接,以确保它是您所需要的。
As pointed out, this is more of a DBA than a SQL question. 如前所述,这更多的是DBA,而不是SQL问题。 There's also quite a lot of documentation out there on how to do this, which invites an RTFM response.
关于如何执行此操作的文档也很多,这引起了RTFM的响应。 Next time you have a question like this, you might want to review the docs first, make a plan, and ask whether your plan will work.
下次您遇到这样的问题时,您可能需要首先查看文档,制定计划,然后询问您的计划是否有效。
All rights on specific databases: db_owner on that database. 特定数据库的所有权利:该数据库上的db_owner。
Create/alter linked server: CREATE LINKED SERVER on server. 创建/更改链接服务器:在服务器上创建链接服务器。 ALTER LINKED SERVER on server.
服务器上的ALTER LINKED SERVER。
Create databases, but can't drop/alter ones you don't own: CREATE ANY DATABASE on server. 创建数据库,但不能删除/更改您不拥有的数据库:在服务器上创建任何数据库。 (dbcreator lets you drop/alter others)
(dbcreator允许您删除/更改其他对象)
http://www.mssqltips.com/sqlservertip/1714/server-level-permissions-for-sql-server-2005-and-sql-server-2008/ http://www.mssqltips.com/sqlservertip/1714/server-level-permissions-for-sql-server-2005-and-sql-server-2008/
Create/alter jobs: SQLAgentUser role on msdb. 创建/更改作业:msdb上的SQLAgentUser角色。
http://msdn.microsoft.com/en-us/library/ms188283(v=sql.90).aspx http://msdn.microsoft.com/zh-CN/library/ms188283(v=sql.90).aspx
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.