Roles needed for executing Stored Procedure in SQL Server Authentication

c# .net sql-server
17,913

Solution 1

Permissions for creating and executing procedures are documented under CREATE PROCEDURE and EXECUTE, respectively.

One important consideration is that users do not need to have permissions on the objects referenced in the procedure. You can read this in the documentation, but it's faster to test it yourself:

create table dbo.TestTable (col1 int)
go

create procedure dbo.TestProc
as select col1 from dbo.TestTable
go

grant execute on dbo.TestProc to UserWithNoPermissions
go

execute as user = 'UserWithNoPermissions';

-- this gives error 229 (SELECT permission denied)
select * from dbo.TestTable;

-- this works
execute dbo.TestProc;

revert;

Note that there are some exceptions: dynamic SQL executes in its own scope, so if your procedure uses it then the executing user will indeed need permission on the underlying objects.

Solution 2

IF you want to go more granular on giving your rights to roles, under 'Security' folder ( under the database ), you can configure your execute rights to a given stroed proc.

i.e., in the managements studio's Object explorer, [Database] -> Security -> [YourRole] -> Rightclick for properties -> Securables section

Here you can add specific object types and their permissions et al.

Hope this helps.

Solution 3

It depends on the action performed within your stored procedure.

If you simply excute SELECT statements, the db_datareader role should fit for executing your stored procedures. The db_datawriter is the role, that is eligible to create them.

Share:
17,913
LCJ
Author by

LCJ

.Net / C#/ SQL Server Developer Some of my posts listed below -- http://stackoverflow.com/questions/3618380/log4net-does-not-write-the-log-file/14682889#14682889 http://stackoverflow.com/questions/11549943/datetime-field-overflow-with-ibm-data-server-client-v9-7fp5/14215249#14215249 http://stackoverflow.com/questions/12420314/one-wcf-service-two-clients-one-client-does-not-work/12425653#12425653 http://stackoverflow.com/questions/18014392/select-sql-server-database-size/25452709#25452709 http://stackoverflow.com/questions/22589245/difference-between-mvc-5-project-and-web-api-project/25036611#25036611 http://stackoverflow.com/questions/4511346/wsdl-whats-the-difference-between-binding-and-porttype/15408410#15408410 http://stackoverflow.com/questions/7530725/unrecognized-attribute-targetframework-note-that-attribute-names-are-case-sen/18351068#18351068 http://stackoverflow.com/questions/9470013/do-not-use-abstract-base-class-in-design-but-in-modeling-analysis http://stackoverflow.com/questions/11578374/entity-framework-4-0-how-to-see-sql-statements-for-savechanges-method http://stackoverflow.com/questions/14486733/how-to-check-whether-postback-caused-by-a-dynamic-link-button

Updated on November 23, 2022

Comments

  • LCJ
    LCJ over 1 year

    I need to connect to SQL Server 2008 R2 database from a C# application. I need to use SQL Server authentication for the connection.

    What are the roles and schemas needed for the user so that the user will be able to create/execute stored procedures ?

    Note: The stored procedures will be in dbo schema.

  • LCJ
    LCJ over 11 years
    Is it sufficient from a C# application also?
  • Jan P.
    Jan P. over 11 years
    It is sufficient whereever the user authenticates. The rights do not depend from where the user is accessing the DB. You allways have the same rights, wether you use the "SQL Server Management Studio", an C#-Application or a JAVA application. The SQL-Server just knows that the user e.g. Lijo is trying to execute something.
  • Adir D
    Adir D over 11 years
    Not quite correct. db_datawriter is about modifying data in tables, not about creating objects like stored procedures. Also db_datareader will only help you if the stored procedure is running only SELECT statements...
  • Jan P.
    Jan P. over 11 years
    For shure. If the stored procedures tries to drop a database, it could not be executed by a db_datareader. Edited my post.
  • Pondlife
    Pondlife over 11 years
    db_datareader is (possibly) irrelevant: a user who can execute a stored procedure does not need any permissions on the underlying objects. So unless there is dynamic SQL, EXECUTE AS or something else 'unusual' in the procedure, the only permission required is permission to EXECUTE it.
  • LCJ
    LCJ over 11 years
    Thanks. What is the permission to be granted to creating a procedure?
  • Pondlife
    Pondlife over 11 years
    Did you read the first sentence of my answer and follow the links?
  • LCJ
    LCJ over 11 years
    Do you mean GRANT CREATE PROCEDURE TO MYUSER?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Using SQL Server with Dart
Handle backslash in the connection string
How to use SqlCacheDependency?
Encrypting a BouncyCastle RSA Key Pair and storing in a SQL2008 database
Parameterize WHERE Clause in Query
"Handle is invalid" error when opening SqlConnection
Could not load file or assembly 'Microsoft.SqlServer.Types, Version=12.0.0.0, Culture=neutral, PublicKeyToken=myKey' or one of its dependencies.
error: 40 - Could not open a connection to SQL Server
Bulk inserting best way to about it? + Helping me understand fully what I found so far
Entity framework issue "The table/view ' does not have a primary key defined."