Problem with new login | SQL Server Performance Forums

SQL Server Performance Forum – Threads Archive

Problem with new login


Hi All, My client requested to create one login which has rights to create new logins and users.
I created one login and assigned security administrator rights to this login, but still not working. This is bit urgent. Will appreciate early reply to this. Thanks,
Aspire
Hi, sp_addlogin ‘sqladm’ sp_addsrvrolemember @loginame = ‘sqladm’
, @rolename = ‘securityadmin’ Will server your purpose.
HTH
Regards
Hemantgiri S. Goswami
[email protected]
"Humans don’t have Caliber to PASS TIME , Time it self Pass or Fail Humans" – by Hemantgiri Goswami
Hemant, I did the same.
When the newly created login try to create another login,it creates the login but unable to execute the stored procedure sp_grantdbaccess.Giving error like "don’t have permission to execute sp_grantdbaccess" stored procedure. So new user doesn’t have access to the database. I also checked out the permissions of security admin role and didn’t find sp_grantdbaccess stored procedure. Any thought about this..
Thanks,
aspire
Hi,<br />BOL SAYS about sp_grantdbaccess <br /><br />Permissions<br />Only members of the sysadmin fixed server role, the db_accessadmin and db_owner fixed database roles can execute sp_grantdbaccess<br /><br />sp_addsrvrolemember @loginame = ‘sqladm'<br />, @rolename = ‘processadmin’ <br /><br />[<img src=’/community/emoticons/emotion-1.gif’ alt=’:)‘ />]<br />Regards<br /><br />Hemantgiri S. Goswami<br />[email protected]<br />"Humans don’t have Caliber to PASS TIME , Time it self Pass or Fail Humans" – by Hemantgiri Goswami<br />
SECURITY ADMIN role – can manage logins and CREATE DATABASE permissions, also read error logs and change passwords. IN order to allow the user to create login/users it must be a member of SYSADMIn as per the reference. Satya SKJ
Moderator
http://www.SQL-Server-Performance.Com/forum
This posting is provided “AS IS” with no rights for the sake of knowledge sharing.
Thanks for taking time for this, But processadmin serverrole is not working here. I don’t see any other server level role for performing
this task. We don’t want to give sysadmin rights to the user. And also doesn’t look effecient to go to seperate databases and giving db_accessadmin database role to
that perticular login id. Please let me know if anything else can be done. Thanks,
aspire
There is no other alternative and only members of SYSADMIN group can allow such facility to create/drop logins. Satya SKJ
Moderator
http://www.SQL-Server-Performance.Com/forum
This posting is provided “AS IS” with no rights for the sake of knowledge sharing.
]]>