Restrict SQL Server Login access to only one database

sql-server-2008 login-control
117,747

Solution 1

  1. Connect to your SQL server instance using management studio
  2. Goto Security -> Logins -> (RIGHT CLICK) New Login
  3. fill in user details
  4. Under User Mapping, select the databases you want the user to be able to access and configure

UPDATE:

You'll also want to goto Security -> Server Roles, and for public check the permissions for TSQL Default TCP/TSQL Default VIA/TSQL Local Machine/TSQL Named Pipesand remove the connect permission

Solution 2

I think this is what we like to do very much.

--Step 1: (create a new user)
create LOGIN hello WITH PASSWORD='foo', CHECK_POLICY = OFF;


-- Step 2:(deny view to any database)
USE master;
GO
DENY VIEW ANY DATABASE TO hello; 


 -- step 3 (then authorized the user for that specific database , you have to use the  master by doing use master as below)
USE master;
GO
ALTER AUTHORIZATION ON DATABASE::yourDB TO hello;
GO

If you already created a user and assigned to that database before by doing 

USE [yourDB] 
CREATE USER hello FOR LOGIN hello WITH DEFAULT_SCHEMA=[dbo] 
GO

then kindly delete it by doing below and follow the steps

   USE yourDB;
   GO
   DROP USER newlogin;
   GO

For more information please follow the links:

Hiding databases for a login on Microsoft Sql Server 2008R2 and above

Solution 3

For anyone else out there wondering how to do this, I have the following solution for SQL Server 2008 R2 and later:

USE master
go
DENY VIEW ANY DATABASE TO [user]
go

This will address exactly the requirement outlined above..

Solution 4

this is to topup to what was selected as the correct answer. It has one missing step that when not done, the user will still be able to access the rest of the database. First, do as @DineshDB suggested

  1. Connect to your SQL server instance using management studio
   2. Goto Security -> Logins -> (RIGHT CLICK) New Login
   3. fill in user details
   4. Under User Mapping, select the databases you want the user to be able to access and configure

the missing step is below:

5. Under user mapping, ensure that "sysadmin" is NOT CHECKED and select "db_owner" as the role for the new user.

And thats it.

Share:
117,747
Curtis
Author by

Curtis

https://curtiscode.dev

Updated on October 26, 2020

Comments

  • Curtis
    Curtis over 3 years

    I have a SQL Server server which has around 50 databases on it.

    I wish to create a new Login for a client who wishes to have access to their database.

    But I don't want to give them access to the other 49 databases.

    How can I do this?

  • Curtis
    Curtis over 13 years
    Thanls for your reply. I've created a new user this way, tried logging in with them in SSMS2008 and I have full access to all databases...
  • Irfy
    Irfy over 13 years
    Hi Curt - It's going to be something to do with the default access settings via either public or guest on both a server level and database level. Please try the above and if that doesn't work there are a couple other things i can suggest (but the last time I had this problem that fixed it)
  • recursive_acronym
    recursive_acronym about 11 years
    Make sure the user in question isn't set as a 'sysadmin' in their properties.
  • BiLaL
    BiLaL over 8 years
    This command will block access to ALL of the 50 databases, please provide the other required statements also...
  • Bernardo Dal Corno
    Bernardo Dal Corno over 7 years
    I have several users not mapped to the database but still with access. I think this is equal to "has login inside database users"
  • Bernardo Dal Corno
    Bernardo Dal Corno over 7 years
    Now, how would you do if you can't DENY all databases first? The oposite, of that, only restrict access to one specific database.
  • Wayne
    Wayne over 2 years
    DENY VIEW ANY DATABASE TO suggesteventsusers; Is saying that it is not correct SQL syntax for me.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

SQL Server 2008 Audit trigger based on sub string
Query to find the size of data in a column
Cannot login to SQL Server 2008, in Windows 7 x64
Remove special characters in SQL
SQL Server connection string question
How to remove or alter the dbo prefix from SQL Server 2012 tables?
How to iterate through each row in sql server?
Retrieving failing package and error message in SSIS
Sql Query with Date range
I need to import data from Excel to SQL Server using VBA