设置:SQL Server 2005& DotNetNuke 05.01.02。
这开始于我尝试在其SQL脚本中安装具有“select * from dbo.sysobjects”的DNN模块。失败,出现以下错误:
拒绝了SELECT权限 对象'sysobjects',数据库 'mssqlsystemresource',schema'sys'。
我通过SQL Server Management Studio作为DNN用户帐户登录到数据库,当我尝试在sysobjects视图上执行SELECT时,我收到了同样的错误。
我尝试向该视图授予DNN用户帐户显式SELECT权限。当我通过去安全检查它 - >用户 - > DNNUserLogin->右键单击 - >属性 - > Securables并向下滚动以查找sys.sysobjects视图,它表示此用户帐户具有dbo的显式权限:并且选中SELECT复选框。但我仍然无法在sysobjects视图上执行选择作为该DNN用户帐户。
我做错了什么?我怎样才能做到这一点?
答案 0 :(得分:96)
这也是用户具有拒绝权限的问题;在我急于授予权限我基本上给了用户一切。否认是杀了它。因此,只要我删除了这些权限,就可以了。
答案 1 :(得分:31)
通过删除数据库用户的数据库角色db_denydatawriter和db_denydatreader,我遇到了同样的错误并已解决。为此,请在登录时选择相应的数据库用户>>属性>>用户映射>>找出数据库并选择它>>取消选中提到的Db用户角色。多数民众赞成!!
答案 2 :(得分:4)
在良好的服务器上执行此代码,该服务器将为您提供PUBLIC角色的完整权限。复制输出并粘贴到出现问题的服务器。执行。尝试重新登录。它解决了我们的问题。
SELECT SDP.state_desc ,
SDP.permission_name ,
SSU.[name] AS "Schema" ,
SSO.[name] ,
SSO.[type]
FROM sys.sysobjects SSO
INNER JOIN sys.database_permissions SDP ON SSO.id = SDP.major_id
INNER JOIN sys.sysusers SSU ON SSO.uid = SSU.uid
ORDER BY SSU.[name] ,
SSO.[name]
答案 3 :(得分:1)
因为可能出现的问题有很多可能性。这是另一种可能性。我碰到了在数据库中设置自己角色的东西。 (例如,"管理员","经理"," DataEntry","客户",每个都有各自的限制)唯一的可以使用它的人是"经理"角色或以上 - 因为它们也被设置为sysadmin,因为它们正在向数据库添加用户(并且它们是高度可信的)。此外,正在添加的用户是Windows域用户 - 使用他们的域凭据。 (每个有权访问数据库的人都必须在我们的域上,但不是域上的每个人都可以访问数据库 - 只有少数人有权更改它。)
无论如何,这个工作系统突然停止工作,我收到类似于上面的错误消息。我最终做到这一点解决了它是通过"公共"的所有权限。该数据库中的角色,并将这些权限添加到我创建的所有角色。我知道每个人都应该进入公共场所。角色即使你无法添加它们(或者更确切地说,你可以"添加"它们,但是他们赢了"#34;保持添加")。
因此,在" SQL Server Management Studio"中,我进入了我的应用程序的数据库,换句话说(我的本地化名称在<>括号内)被隐藏了:" (SQL Server - sa)" \ Databases \\ Security \ Roles \ Database Roles \ public"。右键单击" public"并选择"属性"。在"数据库角色属性 - 公共"对话框,选择" Securables"页。浏览列表,对于列表中的每个元素,提出一个SQL" Grant"声明准确授予另一个角色的权限。因此,例如,有一个标量函数" [dbo]。[fn_diagramobjects]"其中"公共"角色有"执行"特权。所以,我添加了以下一行:
EXEC ( 'GRANT EXECUTE ON [dbo].[fn_diagramobjects] TO [' + @RoleName + '];' )
一旦我为" Securables"中的所有元素做了这个。 list,我在光标的while循环中将其包装起来,选择我的角色表中的所有角色。这明确授予了" public"的所有权限。角色到我的数据库角色。那时,我的所有用户都再次工作(即使我删除了他们的"系统管理员"访问 - 作为临时措施完成,同时我弄清楚发生了什么。)
我确定通过对数据库对象进行某种查询并选择公共角色来做更好(更优雅)的方法,但经过大约一半小时的调查,我没有搞清楚,所以我只是用蛮力的方法做到了。万一它可以帮助别人,这就是我的代码。
CREATE PROCEDURE [dbo].[GrantAccess]
AS
DECLARE @AppRoleName AS sysname
DECLARE AppRoleCursor CURSOR LOCAL SCROLL_LOCKS FOR
SELECT AppRoleName FROM [dbo].[RoleList];
OPEN AppRoleCursor
FETCH NEXT FROM AppRoleCursor INTO @AppRoleName
WHILE @@FETCH_STATUS = 0
BEGIN
EXEC ( 'GRANT EXECUTE ON [dbo].[fn_diagramobjects] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT EXECUTE ON [dbo].[sp_alterdiagram] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT EXECUTE ON [dbo].[sp_creatediagram] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT EXECUTE ON [dbo].[sp_dropdiagram] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT EXECUTE ON [dbo].[sp_helpdiagramdefinition] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT EXECUTE ON [dbo].[sp_helpdiagrams] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT EXECUTE ON [dbo].[sp_renamediagram] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[all_columns] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[all_objects] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[all_parameters] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[all_sql_modules] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[all_views] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[allocation_units] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[assemblies] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[assembly_files] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[assembly_modules] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[assembly_references] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[assembly_types] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[asymmetric_keys] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[certificates] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[change_tracking_tables] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[check_constraints] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[column_type_usages] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[column_xml_schema_collection_usages] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[columns] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[computed_columns] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[conversation_endpoints] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[conversation_groups] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[conversation_priorities] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[crypt_properties] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[data_spaces] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[database_audit_specification_details] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[database_audit_specifications] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[database_files] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[database_permissions] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[database_principal_aliases] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[database_principals] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[database_role_members] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[default_constraints] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[destination_data_spaces] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[event_notifications] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[events] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[extended_procedures] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[extended_properties] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[filegroups] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[foreign_key_columns] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[foreign_keys] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[fulltext_catalogs] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[fulltext_index_catalog_usages] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[fulltext_index_columns] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[fulltext_index_fragments] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[fulltext_indexes] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[fulltext_stoplists] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[fulltext_stopwords] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[function_order_columns] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[identity_columns] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[index_columns] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[indexes] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[internal_tables] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[key_constraints] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[key_encryptions] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[message_type_xml_schema_collection_usages] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[module_assembly_usages] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[numbered_procedure_parameters] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[numbered_procedures] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[objects] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[parameter_type_usages] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[parameter_xml_schema_collection_usages] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[parameters] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[partition_functions] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[partition_parameters] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[partition_range_values] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[partition_schemes] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[partitions] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[plan_guides] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[procedures] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[remote_service_bindings] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[routes] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[schemas] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[service_contract_message_usages] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[service_contract_usages] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[service_contracts] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[service_message_types] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[service_queue_usages] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[service_queues] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[services] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[spatial_index_tessellations] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[spatial_indexes] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sql_dependencies] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sql_modules] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[stats] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[stats_columns] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[symmetric_keys] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[synonyms] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[syscolumns] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[syscomments] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sysconstraints] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sysdepends] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sysfilegroups] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sysfiles] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sysforeignkeys] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sysfulltextcatalogs] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sysindexes] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sysindexkeys] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sysmembers] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sysobjects] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[syspermissions] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sysprotects] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sysreferences] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[system_columns] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[system_objects] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[system_parameters] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[system_sql_modules] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[system_views] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[systypes] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[sysusers] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[table_types] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[tables] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[transmission_queue] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[trigger_events] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[triggers] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[type_assembly_usages] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[types] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[views] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[xml_indexes] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[xml_schema_attributes] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[xml_schema_collections] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[xml_schema_component_placements] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[xml_schema_components] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[xml_schema_elements] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[xml_schema_facets] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[xml_schema_model_groups] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[xml_schema_namespaces] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[xml_schema_types] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[xml_schema_wildcard_namespaces] TO [' + @AppRoleName + '];' )
EXEC ( 'GRANT SELECT ON [sys].[xml_schema_wildcards] TO [' + @AppRoleName + '];' )
FETCH NEXT FROM AppRoleCursor INTO @AppRoleName
END
CLOSE AppRoleCursor
RETURN 0
GO
一旦在系统中,我只需要" Exec GrantAccess"使它工作。 (当然,我有一个表[RoleList],其中包含一个" AppRoleName"字段,其中包含数据库角色的名称。
所以,这个谜团仍然存在:为什么我的所有用户都会失去他们的公共"角色,为什么我不能把它还给他们?这部分是对SQL Server 2008 R2的更新吗?是因为我运行了另一个脚本来删除每个用户并将其添加回来以刷新他们与域的连接?嗯,这解决了现在的问题。
最后一个警告:你可能应该检查一下" public"在运行此系统之前在您的系统上的角色,以确保没有遗漏或错误,这里。您的系统始终存在一些不同之处。
希望这有助于其他人。
答案 4 :(得分:0)
看起来某人可能已撤消对sys.configurations的权限
为了公共角色。或拒绝访问此特定用户的此视图。或者,在从sys.configurations表中删除公共角色后创建了用户。
向公共用户SELECT对象提供sys.configurations权限。
答案 5 :(得分:0)
I solved this by referring properties of login user under the security, logins. then go to User Mapping and select the database then check db_datareader and db_dataweriter options.
答案 6 :(得分:0)
在我的情况下,我的网站托管在共享托管上,并且资源利用率过高甚至与我的数据库无关,因此数据库被锁定,托管面板为Plesk
答案 7 :(得分:0)
就我而言,只需授予用户对数据库的权限即可修复它。
所以右键单击数据库-> 单击属性-> [左侧菜单] 单击权限-> 并向下滚动到备份数据库-> 勾选“授予”