Is there a role that I can assign to a user that will give them the ability
to change password for specific group of database users?
ThanksWith the ability to change password for just one database; I don't think
there is one.
But you can do the following:
1) Create a new login on the server with securityadmin server role access.
2) Create a stored procedure in the database where you want to give the
ability to change passwords as yourself, and in the SP impersonate the login
created in step 1.
3) Encrypt the SP (Your choice don't have to).
4) Give the database user execute permissions to the SP.
Mohit K. Gupta
B.Sc. CS, Minor Japanese
MCTS: SQL Server 2005|||Agho (Agho@.discussions.microsoft.com) writes:
> Is there a role that I can assign to a user that will give them the
> ability to change password for specific group of database users?
Which version of SQL Server are you using?
In SQL 2005, you should be able create a role that you can grant
ALTER LOGIN on the logins, you want the role to be able to change
the passwords for. I don't think you can ALTER LOGIN on a role, but
you will have to grant rights on each login.
If you want users in the role to have the right to change any password,
you can grant the role ALTER ANY LOGIN.
I'm 100% sure that ALTER LOGIN is sufficient; you may need CONTROL LOGIN.
But testing this should be simple.
Erland Sommarskog, SQL Server MVP, esquel@.sommarskog.se
Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/pr...oads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodin...ions/books.mspx
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment