I have a user who is just responsible for monitoring SQL backups. However I
seem to have to grant sys admin rights in order for the user to be able to
see the backups in Enterprise manager. What is the lowest level that I can
grant to the user in this situation ?
SiSimon
Why do the users need to see the backups in EM? The files are located on
filesystem.
Can just users issue BACKUP DATABASE/RESTORE DATABASE... from QA?
"Simon" <Simon@.discussions.microsoft.com> wrote in message
news:1A221F70-5B21-4A76-97DF-4BF62A4E4196@.microsoft.com...
>I have a user who is just responsible for monitoring SQL backups. However I
> seem to have to grant sys admin rights in order for the user to be able to
> see the backups in Enterprise manager. What is the lowest level that I can
> grant to the user in this situation ?
> Si|||The whole backup regime was setup before I joined the company. They use SQL
jobs to run the SQL backups onto tape. A user has been designated to check E
M
to ensure the tape contents are correct. This will change in the medium term
as we are looking at how everything is backed up and will probably move to
something like Quest Litespeed. However in the short term I don`t really wan
t
to change the way things are done, only to change in the future.
"Uri Dimant" wrote:
> Simon
> Why do the users need to see the backups in EM? The files are located on
> filesystem.
> Can just users issue BACKUP DATABASE/RESTORE DATABASE... from QA?
>
> "Simon" <Simon@.discussions.microsoft.com> wrote in message
> news:1A221F70-5B21-4A76-97DF-4BF62A4E4196@.microsoft.com...
>
>|||Simon,
A user does not need to be sysadmin to run backups (such as through Query
Analyze as Uri mentioned), but I believe that Enterprise Manager for SQL
Server 2000 specifically checks for sysadmin in the application.
So, as long as SQL Server 2000 and Enterprise Manager are the tools, I think
you are stuck with this level of access. Perhaps your revised approach will
not be too far away.
RLF
"Simon" <Simon@.discussions.microsoft.com> wrote in message
news:26A07029-860D-40FB-B382-B064819B3A04@.microsoft.com...[vbcol=seagreen]
> The whole backup regime was setup before I joined the company. They use
> SQL
> jobs to run the SQL backups onto tape. A user has been designated to check
> EM
> to ensure the tape contents are correct. This will change in the medium
> term
> as we are looking at how everything is backed up and will probably move to
> something like Quest Litespeed. However in the short term I don`t really
> want
> to change the way things are done, only to change in the future.
> "Uri Dimant" wrote:
>|||Hi,
The minimum rights a user account needs is:
Public (can not remove)
db_backupoperator
db_denydatareader (don't need but locks down)
db_denydatawriter (don't need but locks down)
If db_denydatareader is not set the user will be able to see the tables and
the structure (table properties only), but not the data in the tables. See
the stored procedures and views there content but cannot edit them. When
selected it will hide all the tables, views, stored procedures and users
from them and they will only be able to backup the database.
The only issue you will have is if they are backing up to disk they will not
be able to browse the DIR structure but can enter the location manually.
Alternatively you can set it up as a backup device.
- Mike
----
--
<a href="http://links.10026.com/?link=http://www.cogitar.net"> Cogitar Software. (
http://www.cogitar.net ) </a>
http://www.cogitar.net Cogitar Software. (Software Development and Managment
Systems)
http://www.web-dominion.co.uk Web-Dominion. (Web Design and hosting )
http://shop-dominion.com (senery landscape pictur gallery)
----
--
"Simon" <Simon@.discussions.microsoft.com> wrote in message
news:1A221F70-5B21-4A76-97DF-4BF62A4E4196@.microsoft.com...
>I have a user who is just responsible for monitoring SQL backups. However I
> seem to have to grant sys admin rights in order for the user to be able to
> see the backups in Enterprise manager. What is the lowest level that I can
> grant to the user in this situation ?
> Si
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment