Hi,

In my SQL2008 I have a user who is in the "db_datareader", "db_datawriter" and "db_ddladmin" DB roles; however, when he tries to modify a table with SSMS he receives a message saying:

You are not logged in as the database owner or system administrator. You might not be able to save changes to tables that you do not own.

Of course, I would like to avoid such a message, but until now I did find the way... Therefore, I tried to modify the user by adding him to the "db_owner" role, and of course I do not get the message above.

My question is:

  • Is it possible to keep the user in the "db_owner" role, but deny some actions like alter user or ? I tried the "alter any user" securable at the DB level, but it does not work...

THANKS!

+1  A: 

Members of the db_ddladmin fixed database role can run any Data Definition Language (DDL) command in a database. It is probably just a warning from SSMS; try it out: create a user and try to alter some tables.

SQLMenace
+1  A: 

My understanding has always been that any user with db_owner rights can do anything to a database, up to and including dropping it. Certainly, this was true through SQL 2005. I've heard nothing to imply that this has changed with SQL 2008.

Philip Kelley
+1  A: 

If the user is part of db_ddladmin it shouldn't be a problem. This is just a warning.

Barry
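The test suggested in the answers (create a user in the three roles from the question and try to alter a table), written out as an added example that is not part of any of the posts above. The user and table names are constructed for the test; it uses `sp_addrolemember` because the question is about SQL 2008, and it is meant to be run in a scratch database by a db_owner or sysadmin.

```sql
-- Added example: user and table names are constructed, not from the thread.
-- Set up a throwaway user with the same role membership as in the question.
CREATE USER ddl_test_user WITHOUT LOGIN;
EXEC sp_addrolemember N'db_datareader', N'ddl_test_user';
EXEC sp_addrolemember N'db_datawriter', N'ddl_test_user';
EXEC sp_addrolemember N'db_ddladmin',   N'ddl_test_user';

-- A dbo-owned table, i.e. one the test user does not own.
CREATE TABLE dbo.ddl_test_table (id int NOT NULL);
GO

-- Switch to the test user; the context stays in effect until REVERT.
EXECUTE AS USER = N'ddl_test_user';
GO

-- Confirm the impersonated context and its role membership.
SELECT USER_NAME()                AS current_db_user,
       IS_MEMBER(N'db_ddladmin')  AS in_ddladmin,   -- 1 = member
       IS_MEMBER(N'db_owner')     AS in_db_owner;   -- 0 = not a member

-- Effective permissions as the engine evaluates them, independent of
-- the SSMS table designer warning quoted in the question.
SELECT HAS_PERMS_BY_NAME(N'dbo.ddl_test_table', N'OBJECT', N'ALTER')
           AS can_alter_table,
       HAS_PERMS_BY_NAME(DB_NAME(), N'DATABASE', N'ALTER ANY USER')
           AS can_alter_any_user;
GO

-- The actual DDL, in its own batch so that a failure here cannot
-- skip the REVERT below.
ALTER TABLE dbo.ddl_test_table ADD note varchar(50) NULL;
GO

-- Return to the original security context.
REVERT;
GO

-- The new column is listed here only if the ALTER TABLE went through.
SELECT name FROM sys.columns
WHERE object_id = OBJECT_ID(N'dbo.ddl_test_table');

-- Clean up.
DROP TABLE dbo.ddl_test_table;
DROP USER ddl_test_user;
GO
```

If `can_alter_table` returns 1 and the `note` column is listed, the db_ddladmin membership is sufficient for the change and the user does not need db_owner.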