Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
ostinoh
Yak Posting Veteran
66 Posts |
 Posted - 2013-07-18 : 15:36:59
|
| Hello - Found out that the DBA before me had db_datareader checked for a sensitive database. Now as I understand it that grants Select on all tables within that database. Correct?This same service account also has a Securables set up to a View I'll call (A). The view is the only thing this Service Account should be able to select and see. View (A) calls up other tables in the same databases as well just as a side note.My question is if I removed the db_datareader on that Servicve Account will that account now not be able to Select from the underlieing tables?I hope that makes sense. We are to fix this with breaking the app but wanted to lock down the database.Regards,David |
|
|
russell
Pyro-ma-ni-yak
5072 Posts |
Posted - 2013-07-18 : 16:45:59
|
| As long as all of the objects referenced in the view live in the same database, then GRANT SELECT ON <View Name> To <UserName> will suffice. |
 |
|
|
ostinoh
Yak Posting Veteran
66 Posts |
Posted - 2013-07-19 : 08:43:31
|
| Russell - Thank you... That is the answer I was looking and hoping for.Regards, |
|
|
|
ostinoh
Yak Posting Veteran
66 Posts |
Posted - 2013-07-19 : 09:23:48
|
quote:
Originally posted by russell
As long as all of the objects referenced in the view live in the same database, then GRANT SELECT ON <View Name> To <UserName> will suffice.
Russell - Well I spoke to soon. After re-looking at the view I found that there is another database with referenced tables that are part of a Inner Join, Left Join and From.How does that affect what I can do?Regards,David |
|
|
|
|
|
|
Domain Service Account has db_datareader mistake