使用Micorosoft Sync Framework与批量程序同步两个sql数据库需要哪些权限?

时间:2017-11-03 13:54:13

标签: sql-server permissions synchronization microsoft-sync-framework

我使用Microsoft Sync Framework在C#中编写了一个程序来同步两个sql数据库。成功配置服务器和客户端后, 我在启动同步的客户端上设置了以下权限:

groups:
    orders:
        items:
            - route: admin_something_list

我使用以下资源将上面的脚本放在一起:

但是,当我运行程序时,会记录以下错误:

  

带有ParameterName' @ changeTable'的SqlParameter不包含在此SqlParameterCollection

将执行查询的用户映射到内置GRANT VIEW CHANGE TRACKING ON OBJECT::dbo.My_Table to my_role GRANT DELETE ON [dbo].[My_Table_tracking] TO [my_role] AS [dbo] GRANT INSERT ON [dbo].[My_Table_tracking] TO [my_role] AS [dbo] GRANT SELECT ON [dbo].[My_Table_tracking] TO [my_role] AS [dbo] GRANT UPDATE ON [dbo].[My_Table_tracking] TO [my_role] AS [dbo] GRANT DELETE ON [dbo].[scope_info] TO [my_role] AS [dbo] GRANT INSERT ON [dbo].[scope_info] TO [my_role] AS [dbo] GRANT SELECT ON [dbo].[scope_info] TO [my_role] AS [dbo] GRANT UPDATE ON [dbo].[scope_info] TO [my_role] AS [dbo] GRANT DELETE ON [dbo].[scope_config] TO [my_role] AS [dbo] GRANT INSERT ON [dbo].[scope_config] TO [my_role] AS [dbo] GRANT SELECT ON [dbo].[scope_config] TO [my_role] AS [dbo] GRANT UPDATE ON [dbo].[scope_config] TO [my_role] AS [dbo] GRANT EXECUTE ON [dbo].[My_Table_selectrow] TO [my_role] AS [dbo] GRANT EXECUTE ON [dbo].[My_Table_update] TO [my_role] AS [dbo] GRANT EXECUTE ON [dbo].[My_Table_updatemetadata] TO [my_role] AS [dbo] GRANT EXECUTE ON [dbo].[My_Table_selectchanges] TO [my_role] AS [dbo] GRANT EXECUTE ON [dbo].[My_Table_insertmetadata] TO [my_role] AS [dbo] GRANT EXECUTE ON [dbo].[My_Table_insert] TO [my_role] AS [dbo] GRANT EXECUTE ON [dbo].[My_Table_deletemetadata] TO [my_role] AS [dbo] GRANT EXECUTE ON [dbo].[My_Table_delete] TO [my_role] AS [dbo] GRANT EXECUTE ON [dbo].[My_Table_bulkupdate] TO [my_role] AS [dbo] GRANT EXECUTE ON [dbo].[My_Table_bulkinsert] TO [my_role] AS [dbo] GRANT EXECUTE ON [dbo].[My_Table_bulkdelete] TO [my_role] AS [dbo] 角色后,该程序可以正常运行。

有什么办法,我可以比较授予db_ownermy_role的有效权限吗?如何调试sql server的权限问题(ssms中显示的sql server log没有显示与我的问题相关的任何内容)?或者:使Microsoft Sync Framework与批量过程同步两个数据库需要哪些确切的权限?

2 个答案:

答案 0 :(得分:1)

  

有什么办法,我可以比较授予的有效权限   my_role和db_owner?

要查看您的角色成员拥有哪些权限,您应该模拟属于您的角色my_role的用户并检查其权限,如下所示:

execute as user = 'my_user_member_of_my_role';
select *
from sys.fn_my_permissions(null, 'database');
revert;

然后检查db_owner具有哪些权限:通过冒充db_owner角色的某个成员来执行相同操作,或者如果您sysadmin只是跳过假冒:

execute as user = 'my_user_member_of_db_owner'; -- skip it if you are sysadmin
select *
from sys.fn_my_permissions(null, 'database');
revert; -- skip it if you are sysadmin
  

如何调试sql server(sql server)的权限问题   在ssms中显示的日志没有显示与我的问题相关的任何内容)?

你应该意识到这个错误:

  

带有ParameterName' @ changeTable'的SqlParameter不包含在内   这个SqlParameterCollection

不是SQL Server错误

因此,您的程序出错,请使用您的编程环境对其进行调试。

  

或:制作Microsoft Sync需要哪些确切权限   框架使用批量程序同步两个数据库?

您应该执行哪些确切的代码?

如果您在此处列出要运行的命令,我将为您写下所有必要的权限。

P.S。如果您使用BULK INSERT,则应具有ADMINISTER BULK OPERATIONS服务器级权限。此权限未授予db_owner。因此,如果是问题,则无法通过将用户添加到db_owner数据库角色来解决问题。

答案 1 :(得分:0)

负责批量操作的存储过程使用用户定义的表类型,该类型以要同步的表命名,例如: Mytable_BulkType。要执行这些过程,用户需要对表类型具有以下权限:

GRANT CONTROL ON TYPE::[dbo].[MyTable_BulkType] TO [my_role] AS [dbo]
相关问题
最新问题