1

I want to assign such rights to a remote user so he can create a new linked server and can change only those linked servers that are created by him. How can I accomplish this? I have read about granting these permissions

GRANT alter any login TO [abc]

GRANT CONTROL SERVER TO [abc]

GRANT ALTER ANY LINKED SERVER TO [abc]*

But with these permission, still this user can not create a new linked server through management studio. But he can create a new linked server with sp_addlinkedserver. How can I solve that? Moreover this user can alter any linked server that is not desired. So how can he only alter those linked server that are created by him.

I do not want to give him Sysadmin rights. This user is owning only few databases on servers. And other databases are from some other vendors.

Any help would be appreciated!

4

1 回答 1

0

如果你可以限制你需要他运行的功能;您可以覆盖这些过程并使用Execute As来限制他可以运行的功能。如果您将特定的链接服务器限制为由他创建的服务器,那么在您的 sp_addlinkedserver 版本中添加一个记录所创建内容的表,然后在以后的过程中将其用作权限检查。

于 2012-04-26T12:28:00.073 回答