This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 99%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
I would like to grant a specific windows role automatic permissions to be the "dbo" every time a new database is created, can this be accomplished using the model database, thanks
Yet an alternative is to use a server-level DDL trigger that adds the role to the database when it is created.
But Tibor makes a good point about databases that are restored on the server. DDL triggers don't fire on RESTORE as recall.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 30%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETH%3C/text%3E%3C/svg%3E)
And just to clarify: Yes, what Erland say is what I suggested. We are in agreement.
thank you.
are there any recommended ways other than using the model database wherein an AD group can be the member of the db_owner whenever a database is created without explicitly adding the AD role to the db_owner role.
Sure, you can have a scheduled job executing, say, every hour. This can do anything you want, for instance go through all databases and verify that the login for this AD group exists as a user in each database an is a member of db_owner role. But you will of course have a lag between the database is created and when the job is executed. However, this is in one aspect more robust than the model database. A database can be "created" by restore or attach. The model database won't help you in those cases.