Very Computer

I have created a stored procedure that executes system stored procedures.

The permissions to execute system stored procedures (sp_addlogin, sp_adduser) are
governed by the fixed database roles, and fixed server roles.  We cannot manage
these permissions for each and every database user.  Is there a way to make the
permissions to execute these statements controlled by the owner of the
procedure?  Or is there any other way around this problem?

EX:

AS


   BEGIN






  END

    There is no other way apart from adding the users to the securityadmin &
db_accessadmin roles. I am purposely leaving the option of editing the
system SP itself - which is risky to use & unsupported.
    BTW, why are you using dynamic SQL for the calls? You can just pass the
variables as parameters. Also, you have to use 'sp_grantdbaccess' in SQL70.
The SP 'sp_adduser' is provided only for backward compatibility.

--
Umachandar Jayachandran
SQL Resources at http://www.umachandar.com/resources.htm
(Please reply only to the newsgroup)

how about saving the user's the entries - i.e. logins, users, roles - to a
table; and writing a stored procedure that runs as system administator under
the SQL scheduler that does the actual sp_addlogin, etc. ?
--
Thanks,
David Satz
Principal Software Engineer
Hyperion Solutions
->Using SQL Server 7.0 SP2/6.5 SP5a/Cold Fusion 4.5.1/ADO 2.1/VB 6.0/MTS
(Please reply to group)
-----------------------------------------------------------------

I have created a stored procedure that executes system stored procedures.

The permissions to execute system stored procedures (sp_addlogin,
sp_adduser) are
governed by the fixed database roles, and fixed server roles.  We cannot
manage
these permissions for each and every database user.  Is there a way to make
the
permissions to execute these statements controlled by the owner of the
procedure?  Or is there any other way around this problem?

EX:

AS


   BEGIN






  END