stackoom
  简体   繁体   中英

How to compare security setting/access rights between 2 SQL Database?

 原文  2009-12-09 01:28:25       sql-server

Question

Executing SP to check who is currently logon in the SQL working fine in Development database.But executing same SP in LIVE database only return 1 "runnable" record.

Both databases are reside in same physical SQL server. Had compare 2 database using some external freeware and shareware, can't find any difference especially on "Users and Roles" or "DB Properties".

Appreciate if got any solutions or suggestions.

Thanks to David.Chu.ca for the following store procedure. 

*======================================================
USE [SAFEQA]
GO
/****** Object:  StoredProcedure [dbo].[sp_checkUserID]    Script Date: 12/09/2009 09:11:05 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO


ALTER procedure [dbo].[sp_checkUserID] 
WITH EXECUTE AS OWNER  
AS 
begin 
DECLARE @retTable TABLE (
 SPID int not null 
 , Status varchar (50) not null 
 , Login varchar (50) not null 
 , HostName varchar (50) not null 
 , BlkBy varchar(50) not null 
 , DBName varchar (50) null 
 , Command varchar (50) not null 
 , CPUTime int not null 
 , DiskIO int not null 
 , LastBatch varchar (50) not null 
 , ProgramName varchar (100) null 
 , SPID2 int not null 
 , REQUESTID INT)

 INSERT INTO @retTable EXEC sp_who2 
   SELECT Status, Login, HostName, DBName, Command, CPUTime, ProgramName -- *  
   FROM @retTable  
   --WHERE Login not like 'sa%' -- if not intereted in sa  
   ORDER BY Login, HostName
END 

*====================================================================

1 answers

solution1
 0 ACCPTED  2009-12-09 01:37:00

Non-priviledged accounts can only see their own session from sp_who/sp_who2. In particular, code running under the database scopped impersonation context (EXECUTE As OWNER) will not be able to see any other session.

See Signing an activated procedure for an example how to elevate the database impersonation context to the server (that example is actually exactly about reading the sessions DMVs).

If I'd venture a guess, the difference between production and development is that in production the database SAFEQA is not marked as TRUSTWORTHY.

See also Extending Database Impersonation by Using EXECUTE AS for more details.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Setting Sql server security rights for multiple situations Grant integrated security access rights for Microsoft SQL Server to LocalSystem account? Connection setting between two SQL server to access a different database Compare rights of two users on SQL Server SQL Server how to control access to data between clients on the same database Can I use SQL Server security to control access to my (database first) ASP.net application? How? Security practices for SQL Server & C# with limited database access Determine Security Differences Between Two SQL Servers Database Users How to compare between 2 COUNT() SQL Server EF6 Schema compare between database and sql-file?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM