I am working with sql server 2012 - I have created a Server Role - XXXX and I want to grant execute priviliges to this role on a stored procedure. I am using this command:
GRANT EXECUTE ON [dbo].[MyStoredProcedure] TO [XXXX]
However I get this error:
Cannot find the user 'XXXX', because it does not exist or you do not have permission.
Any idea if my syntax is wrong or what I am doing wrong?
Related
I seem to be getting an error like this when running some SQL against my SQL Server database hosted in Azure..
The REFERENCES permission was denied on the object 'MyDbTable', database 'master', schema 'dbo'.
Then I try to execute the SQL like this to grant the user elevated permissions:
exec sp_addrolemember 'db_owner', 'mydbuser'
Which fails with:
Cannot alter the role 'db_owner', because it does not exist or you do not have permission.
Probably because I'm logged in with the user that doesn't have a high level of permissions and I'm trying to elevate myself..
I don't see an easy way to grant admin level permissions to a SQL Server user in the Azure portal..
Could someone please assist on how to do this in Azure SQL Database?
As #Larnu suggested you cannot alter the db_owner role in master in an Azure SQL Database. you are facing this error. I also tried to do like that and got similar error.
To Overcome this, select particular database and then execute the command
EXEC sp_addrolemember 'db_owner', 'newpratiklg';
GO
In a SQL Server 2008 R2 database, I created a user login with:
Server Role: Public
User Mapping: master, model, msdb
Database Role Membership db_datareader, public
When I use with new user login to connect it connects and I can run update, create commands. Which I don't want to run.
The same setting I tried in SQL Server 2012. It didn't allowed me to run update and create commands.
I get an error :
CREATE TABLE permission denied in database 'TEMP'.
In SQL Server 2012 I have a different database.
Please give solution
I have followed this https://www.itsupportguides.com/server-side-tips/sql-management-studio-how-to-create-read-only-users/
for this Login
mark SERVER Role for following Databases as db_DenyDataReader , and db_DenyDatawriter
We are trying to develop a repeatable process for installing AppFabric, using a SQL Server 2012 Standard Edition instance.
I granted the SQL Server login (using Windows Authentication) being used to install AppFabric the db_creator Server Role, since AppFabric clearly needs to create databases. During Installation of AppFabric, they receive the error:
"The EXECUTE permission was denied on the object 'sp_add_category',
database 'msdb', schema 'dbo'. Could not find stored procedure
'ASInternal_ThrowError'.
I can't very well grant EXECUTE to a stored procedure in a database that doesn't exist when I am granting Server Roles to the login. I have been unable to find any documentation regarding the minimum SQL Server permissions required for the AppFabric installation.
I suppose I could just grant the sysadmin Server Role to that user account, but I'd rather not.
I logged into SQL Server 2008 via SQL Server Management Studio using Windows admin account. When I run the command (ALTER LOGIN sa ENABLE) I get the following error.
Cannot alter the login 'sa', because it does not exist or you do not have permission.
You account doesn't have permissions. It isn't sysadmin.
CREATE DATABASE requires
Requires CREATE DATABASE, CREATE ANY DATABASE, or ALTER ANY DATABASE permission.
This is (legacy SQL Server 2000 lingo):
sysadmin
dbcreator
If the account is "end user" consider wrapping the call in a stored procedure to hide the permissiosn escalation
Edit, after question update
sa is always sa; you can't disable it as such
You need to grant some permissions to the Windows account using GRANT
Follow the advices in this article:
http://blogs.msdn.com/b/dparys/archive/2009/09/17/create-database-permission-denied-in-database-master-my-fix.aspx
EDIT: The whole question changed!
I want to be able to invoke an SSIS package at will from a web application. I've found that I can do this successfully with sp_start_job when running on my local machine. However, when I publish to our test site, I get:
The EXECUTE permission was denied on the object 'sp_start_job', database 'msdb', schema dbo'
So I tried this
USE msdb
CREATE USER [TheUser] FOR LOGIN [TheLogin]
GO
GRANT EXECUTE ON sp_start_job TO [TheUser]
GO
However, after running this, I am still getting the permission denied error. Is there something special you have to do to grant permissions to system stored procs?
Edit: don't know if it makes a difference or not, but the Webserver is in a DMZ, so I am using sql server authentication to communicate between webserver and db server.
From MSDN:
By default, members of the sysadmin
fixed server role can execute this
stored procedure. Other users must be
granted one of the following SQL
Server Agent fixed database roles in
the msdb database:
* SQLAgentUserRole
* SQLAgentReaderRole
* SQLAgentOperatorRole