SQL server, SQLServerPedia Syndication

Grant login to view other logins and mappings.

A user was having issues with a reporting application and called me to check up on the DB permissions, and I was relaying the login mappings back to him. Since he had read only access to the DBs, he was not able to the see the permissions or mappings of the other logins in SSMS.

I did not want to elevate the users permissions and was wondering if there was a granular way to grant this access. Apparently there is: GRANT VIEW ANY DEFINITION to login_name. Now the user was able to view the other logins, except for the DBs he did not have read access to. I could have gone even more granular with: GRANT VIEW DEFINITION ON LOGIN::other_login_name TO your_login_name to give a per login level access.



Thinking about someting? Leave a Reply...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s