Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to allow user to sp_adduser?

Status
Not open for further replies.
WDfog

WDfog

Programmer
Oct 16, 2000
26
US
I have a database that I'd like to have a user administer for new users. However, I cannot set this one user up to be able to run the sp_adduser procedure without setting him up as a sys_admin or a dbo of that database.

I thought of adding him to the dbo group and then denying many rights, but the all critical DROP command cannot be revoked.

Any suggestions?

Thanks,
Wendy [sig][/sig]
 
Sort by date Sort by votes
From the BOL:

Only dbo can execute sp_adduser.

If it helps, you might try sp_grantdbaccess:

Only members of the db_accessadmin or db_owner fixed database roles can execute sp_grantdbaccess.
[sig]<p>Robert Bradley<br><a href=mailto: > </a><br><a href= - Visual FoxPro Development</a><br> [/sig]
 
Upvote 0 Downvote
I suggest that you investigate using sp_grantdbaccess instead of sp_adduser. The documentation says that sp_adduser requires dbo authority, but sp_grantdbaccess only requires the db_accessadmin role. [sig][/sig]
 
Upvote 0 Downvote
Thanks for the help, but unfortunately, I am stuck with the same error message of 'only members of the sysadmin role or the database owner can execute this stored procedure' even after putting the user into the db_accessadmin role and using sp_grantdbaccess. [sig][/sig]
 
Upvote 0 Downvote
Could you describe your problem in more detail? I tried a quick test and was able to use sp_grantdbaccess with just db_accessadmin, not dbo. Here's what I did.

1. Logged on as sa and created user test1 with db_accessadmin in database db01, but no other permissions.

2. As sa created user test2 with no rights in db01.

3. Logged in to query analyzer as test2 and tried to execute the command &quot;use db01&quot;. This failed because test2 has no rights in db01.

4. Logged in to query analyzer as test1 and executed the command &quot;sp_grantdbaccess test2&quot;.

5. Logged in to query analyzer as test2. This time the command &quot;use db01&quot; succeeded.

This is admittedly a superficial test, but it does appear that it's not necessary to have db owner authority to execute sp_grantdbaccess. [sig][/sig]
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

dgillz
  • Locked
  • Question
How to convert varchar to time? 2
Replies
1
Views
1K
Chris Miller
Chris Miller
Cpreston
  • Locked
  • Question
How to add a Letter to datepart
Replies
5
Views
824
Andrzejek
Andrzejek
Cpreston
  • Locked
  • Question
Seconds to minutes 2
Replies
5
Views
2K
Chris Miller
Chris Miller
grnzbra
  • Locked
  • Question
How Do I Add Column to Middle of Table
Replies
4
Views
950
BobSuruncle
BobSuruncle
V
  • Locked
  • Question
xp_cmdshell vs psexec - this SQL server forgets credential to an W10 share
Replies
0
Views
821
Volvere
V

Part and Inventory Search

Sponsor

Back
Top