SQL Permission problem.
Cem_Karaer
Member Posts: 281
Hi all,
I need an advice about creating a login for Navision use on SQL 2005. I think Navision requires the login to be a member of securityadmin server role (otherwise it's impossible for a user mapped to the login to change its password within Navision). But securityadmin is a over-privileged role for only a Navision user. Denying "alter any login" permission in server-wide produces the same result as denying securityadmin role. What I'm afraid of is that the over-privileged login can log on the server by using Management Studio and change passwords of others. The only way I could figure out was to deny Alter permission for every other login. But this is a very tedious job because every login must be negated for all other logins except itself.
I'm absolutely sure that I do something wrong
. Readjustments will be greatly appreciated!
I need an advice about creating a login for Navision use on SQL 2005. I think Navision requires the login to be a member of securityadmin server role (otherwise it's impossible for a user mapped to the login to change its password within Navision). But securityadmin is a over-privileged role for only a Navision user. Denying "alter any login" permission in server-wide produces the same result as denying securityadmin role. What I'm afraid of is that the over-privileged login can log on the server by using Management Studio and change passwords of others. The only way I could figure out was to deny Alter permission for every other login. But this is a very tedious job because every login must be negated for all other logins except itself.
I'm absolutely sure that I do something wrong
. Readjustments will be greatly appreciated! Cem Karaer @ Pargesoft
Dynamics NAV Developer since 2005
Dynamics NAV Developer since 2005
0
Answers
-
What a miraculous web site Mibuso is! Only asking a question is enough to find its answer. I just only denied Authenticate Server role for the login and solved the problem. In this way, the login has necessary permissions to change its password but has no means to intervene other logins using the Management Studio. I'm sorry for taking up space but I wanted to share my finding. Cem Karaer @ Pargesoft
Dynamics NAV Developer since 20050 -
[Topic moved from Navision forum to SQL General forum]Regards,Alain Krikilion
No PM,please use the forum. || May the <SOLVED>-attribute be in your title!0
Categories
- All Categories
- 73 General
- 73 Announcements
- 66.6K Microsoft Dynamics NAV
- 18.7K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 116 Navision DOS
- 851 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 617 NAV Courses, Exams & Certification
- 2K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 320 Dynamics CRM
- 111 Dynamics GP
- 10 Dynamics SL
- 1.5K Other
- 990 SQL General
- 383 SQL Performance
- 34 SQL Tips & Tricks
- 35 Design Patterns (General & Best Practices)
- 1 Architectural Patterns
- 10 Design Patterns
- 5 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.6K General
- 1.1K General Chat
- 1.6K Website
- 83 Testing
- 1.2K Download section
- 23 How Tos section
- 252 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions