Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.databases.ms-sqlserver > #639 > unrolled thread
| Started by | Antony <antony.kll@hotmail.com> |
|---|---|
| First post | 2011-09-03 11:21 +0200 |
| Last post | 2011-09-04 00:07 +0200 |
| Articles | 2 — 2 participants |
Back to article view | Back to comp.databases.ms-sqlserver
SQL2008 shared hosing login permission Antony <antony.kll@hotmail.com> - 2011-09-03 11:21 +0200
Re: SQL2008 shared hosing login permission Erland Sommarskog <esquel@sommarskog.se> - 2011-09-04 00:07 +0200
| From | Antony <antony.kll@hotmail.com> |
|---|---|
| Date | 2011-09-03 11:21 +0200 |
| Subject | SQL2008 shared hosing login permission |
| Message-ID | <sbs367h29d9e9a8lpqiis6kp56bu0fr170@4ax.com> |
Hello,
for my mssql shared hosing I have create a database and login using
security settings write by microsoft for sql shared hosting:
http://learn.iis.net/page.aspx/530/sql-2008-for-hosters/
http://download.microsoft.com/download/d/1/f/d1f05c2e-0741-442d-859e-9417b377fdfa/The%20architectural%20view%20of%20SQL%20Server.zip
but trying to publish some applications I got the following error:
Cannot find the user 'dbo', because it does not exist or you do
not have permission.
I found that the sql that generate the error is:
CREATE ROLE [aspnet_Membership_BasicAccess] AUTHORIZATION [dbo]
I have seen that adding on database the db_owner rolemember for
userlogin the problem is solved but this feature is not included in
the microsoft documents for shared hosting I think for security
reason;
On documentation for SQL2008 shared hosting Microsoft set only
(db_ddladmin, db_datareader, db_datawriter)
my problem is to find a way for add CREATE ROLE command to user login
without give it the permission for ALTER DATABASE;
with ALTER DATABASE user can modify database size or can open security
problem and I don't want this.
do you know if there is a way to solve the problem?
thanks and regards
Antony
[toc] | [next] | [standalone]
| From | Erland Sommarskog <esquel@sommarskog.se> |
|---|---|
| Date | 2011-09-04 00:07 +0200 |
| Message-ID | <Xns9F5613696A9CYazorman@127.0.0.1> |
| In reply to | #639 |
Antony (antony.kll@hotmail.com) writes: > Cannot find the user 'dbo', because it does not exist or you do > not have permission. > > I found that the sql that generate the error is: > > CREATE ROLE [aspnet_Membership_BasicAccess] AUTHORIZATION [dbo] > > I have seen that adding on database the db_owner rolemember for > userlogin the problem is solved but this feature is not included in > the microsoft documents for shared hosting I think for security > reason; I'm unfmailiar with the documents you refer to, but if you want to create roles and users, you will need sufficient permission for this. That is, membership in db_owner or db_securityadmin. Note that the application should log in with db_owner, but the application should not create users and that. -- Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se Links for SQL Server Books Online: SQL 2008: http://msdn.microsoft.com/en-us/sqlserver/cc514207.aspx SQL 2005: http://msdn.microsoft.com/en-us/sqlserver/bb895970.aspx
[toc] | [prev] | [standalone]
Back to top | Article view | comp.databases.ms-sqlserver
csiph-web