| Author |
is it possible deny sp_who and sp_who2 in 2005 ?
|
|
| t2581@hotmail.com 2006-01-10, 8:23 pm |
| is it possible deny sp_who and sp_who2 in 2005 ?
| |
| Dan Guzman 2006-01-11, 9:23 am |
| I'm not sure why you would want to do this since a user can see only their
own connection information unless you've granted VIEW SERVER STATE.
To deny to a specific user, add the user to master and then deny execute
permissions on the procs. You could instead revoke execute permissions from
the public role to prevent everyone from executing the proc. You will
similarly need to change the default DMV permissions if you also want to
prevent ad-hoc access.
--
Hope this helps.
Dan Guzman
SQL Server MVP
<t2581@hotmail.com> wrote in message
news:1136935135.393925.202040@g44g2000cwa.googlegroups.com...
> is it possible deny sp_who and sp_who2 in 2005 ?
>
| |
|
| Sure, revoke permissions.
Any one in the sysadmin rolen can always bypass object security one way or
the other.
What are you trying to accomplish?
<t2581@hotmail.com> wrote in message
news:1136935135.393925.202040@g44g2000cwa.googlegroups.com...
> is it possible deny sp_who and sp_who2 in 2005 ?
>
| |
| t2581@hotmail.com 2006-01-12, 11:23 am |
| Developers( NT group) have wide rights on test and preprod server ,but
in production
this group
will not see metadata on server
will not run any process related procedure (sp_who)
Idealy they will be limited to just open query analyzer and read
data from selected db in production
|
|
|
|