Skip to Content
0

Sysbase granular permissions to a user.

Nov 16, 2017 at 10:41 AM

61

avatar image

Hi,

I want to assign granular permissions to a login user, so that he can create and alter any other login user.

I have already granted "manage any login" privileges to a user using following command:

grant manage any login to 'username'.

But this user is not able to create other login users as a user with SSO role can. When trying to create logins with sp_addlogin procedure it throws an error "You should have 'manage any login' permissions to execute this ".

Please suggest how to resolve this error.

10 |10000 characters needed characters left characters exceeded

Can anybody help me to resolve this?

0
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Bret Halford
Nov 17, 2017 at 03:05 PM
1

If you run sp_helprotect on this user, does the output show "manage any login" as being granted?
i.e. there should be an entry that looks like this:

1> grant manage any login to joeuser
2> go

1> sp_helprotect joeuser
2> go
grantor grantee type action object
column predicate grantable
------- ------- ----- ---------------- ----------------------------------
----------------- --------- ---------
dbo joeuser Grant Manage Any Login
All NULL FALSE

dbo public Grant Execute dbo.mon_rpc_attach
All NULL FALSE
dbo public Grant Execute dbo.sp_autoformat
All NULL FALSE
[...]-bret
Show 1 Share
10 |10000 characters needed characters left characters exceeded

thanks for your reply. With below commands the issue got resolved.

use master

go

sp_addlogin username,password

go

sp_adduser username

go

grant manage any login to username

go

0