Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
If you have ever had problems with trying to give different permissions to your Embedded database to different sets of users in your organization then there are some built-in server roles that may be able to make your life a little easier.
In SQL Server, if you open Enterprise Manger and navigate to the MantisSQLDB, then take a peek at the Roles node you will see that there are 3 roles already pre-defined – WES Admin, WES_Importer and WES_Reader.
These roles each have different permissions:
WES_Admin –
As you would expect this role has permissions to do just about everything to the database. A member of this group can import objects into and delete objects from the db and they can update any group or object within the database, as well as run all functions against the database. Users should be assigned to this role only when they have a need to make major changes to the database, like deleting things and changing repository roots.
Wes_Importer –
Members in this role can import objects into the database and make limited updates and execute certain functions (such as create a new repository object when you import a new component), but cannot delete anything from the database (packages or components), or make major modifications to any objects and groups in the database (such as changing the repository roots). When a user in this role launches Database Manager they will see the warning “You do not have permission to delete or change repository settings….”. This role is most useful for the average user that needs to import their custom components into the database and build configurations and runtimes.
WES_Reader –
This role is the most restrictive of the three. It allows members read-only permissions on the database, so that they are able to view all the existing components and other objects in the database but cannot import anything into the database or make any changes within the database. When a user in this role launches Database Manager they will see the warning “You do not have permission to modify the component database. Import, delete and repository settings are disabled….”. This role can be assigned to users who may need to build runtimes, but who use the existing components in the database.
In order to view the full range of permissions for each of these roles right-click on the role and then select “Properties > Permissions”.
To make use of these roles you have to add the user account to the “Users” node of the MantisSQLDB (usually supplying both domain and user name), and check the checkbox for Database Role you want them to be assigned to. Then make sure that you also add the user account information to the “Logins” node under “Security” for your SQL Server, and make the default database for that login “MantisSQLDB”.
- Lynda
Comments
- Anonymous
June 13, 2005
One of the frustrating things when multiple user are connecting to a single SQL Server Embedded Database... - Anonymous
July 30, 2005
One of the frustrating things when multiple user are connecting to a single SQL Server Embedded Database...