Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
noamg
Posting Yak Master
215 Posts |
 Posted - 2013-10-01 : 06:42:17
|
| Hi,for security reasons, I have to remove the un-used permission.How I can know what to revoke ?Noam Graizer |
|
|
James K
Master Smack Fu Yak Hacker
3873 Posts |
Posted - 2013-10-01 : 09:37:44
|
| You have to first define what permissions are required for each login/user/group. Then remove any unnecessary permissions.My approach usually is to grant no permissions to anyone, and then add permissions only as needed. Most end-user logins/groups would only have public role at the server level and access to only the databases they need. In those databases, they would be granted access (usually execute permissions) to the stored procedures they need. You can create roles and grant them membership in those roles to manage the permissions for a group of users. |
 |
|
|
|
|
|
unnecessary permission