TSQL将用户映射到数据库
所以我不能够使用企业pipe理器来做到这一点…如果我是我甚至不会问这个问题。 所以我想知道是否有通过TSQL的方式来执行一个命令,将用户映射到特定的数据库,并授予他们“所有者”的权限。
谢谢…
更改login的默认数据库:
alter login <loginname> with default_database = <dbname>;
为给定的login名在数据库中创build一个用户:
use <dbname>; create user <username> from login <loginname>;
创builddb_owner组的用户成员:
use <dbname> exec sp_addrolemember 'db_owner', '<username>';
做一个数据库的login'dbo':
alter authorization on database::<dbname> to <loginname>;
正式的,你想创build一个映射到login名的数据库用户。 要做到这一点,你可以使用:
Create User <username> For LOGIN <loginname>
这显然要求login存在。 之后,你会打电话给:
exec sp_addrolemember 'db_owner', <username>
这假定您连接到数据库的帐户有权将成员添加到db_owner
angular色。
USE [YourDB] GO CREATE USER [xyx] FOR LOGIN [xyz] GO ALTER USER [xyz] WITH DEFAULT_SCHEMA=[dbo] GO EXEC sp_addrolemember N'db_owner', N'xyz' GO
CREATE USER和sp_addrolemember
我完整的SQL解决scheme。 您可以根据您的需求进行定制:
#region SQL-SERVER-FUNCTION /// <summary> /// Assign User in to specific role for SQL server database /// </summary> /// <param name="Server">Server address - example: yourServer.cloudapp.net,1433</param> /// <param name="UserID">User name with sysadmin role</param> /// <param name="Database">User database</param> /// <param name="Role">New role for this user</param> /// <param name="UserToRole">User assigned to new role</param> public static void AddUserToRoles(string Server, string UserID, string Password, string Database, string Role, string UserToRole) { SqlConnection connection = new SqlConnection(); connection.ConnectionString = "SERVER = " + Server + "; DATABASE = " + Database + " ; User ID = " + UserID + "; Pwd = " + Password; string sqlCreateDBQuery = " EXEC sp_addrolemember '" + Role + "', " + UserToRole; SqlCommand myCommand = new SqlCommand(sqlCreateDBQuery, connection); try { connection.Open(); myCommand.ExecuteNonQuery(); } catch{}//(System.Exception ex) finally { connection.Close(); } return; } /// <summary> /// Create new User in specified database base on Login in SQL server /// </summary> /// <param name="Server">Server address - example: yourServer.cloudapp.net,1433</param> /// <param name="UserID">User name with sysadmin role</param> /// <param name="Database">Database for created user</param> /// <param name="NewUser">New user Name</param> /// <param name="FromLogin">Create user base on this SQL server login</param> public static void CreateUserInDatabase(string Server, string UserID, string Password, string Database, string NewUser, string FromLogin) { SqlConnection connection = new SqlConnection(); connection.ConnectionString = "SERVER = " + Server + "; DATABASE = "+ Database + " ; User ID = " + UserID + "; Pwd = " + Password; string sqlCreateDBQuery = "CREATE USER " + NewUser + " FROM LOGIN " + FromLogin; SqlCommand myCommand = new SqlCommand(sqlCreateDBQuery, connection); try { connection.Open(); myCommand.ExecuteNonQuery(); } catch { }//(System.Exception ex) finally { connection.Close(); } return; } /// <summary> /// Create new Login in SQL server /// </summary> /// <param name="Server">Server address - example: yourServer.cloudapp.net,1433</param> /// <param name="UserID">User name with sysadmin role</param> /// <param name="Password">Sysadmin user password</param> /// <param name="NewLoginName">New Login Name</param> /// <param name="NewLoginPassword">Password for new Login</param> public static void CreateLoginInSqlServer(string Server, string UserID, string Password, string NewLoginName, string NewLoginPassword) { SqlConnection connection = new SqlConnection(); connection.ConnectionString = "SERVER = " + Server + "; DATABASE = master; User ID = " + UserID + "; Pwd = " + Password; string sqlCreateDBQuery = "CREATE LOGIN [" + NewLoginName + "] WITH PASSWORD='"+ NewLoginPassword +"' " + ", CHECK_POLICY=OFF, DEFAULT_DATABASE=db_crs_0002, DEFAULT_LANGUAGE=[English];"; SqlCommand myCommand = new SqlCommand(sqlCreateDBQuery, connection); try { connection.Open(); myCommand.ExecuteNonQuery(); } catch { }//(System.Exception ex) finally { connection.Close(); } return; } /// <summary> /// Create new empty database on SQL server base on model database stored in SQL server /// </summary> /// <param name="Server">Server address - example: yourServer.cloudapp.net,1433</param> /// <param name="NewDatabaseName">Name for new database</param> /// <param name="UserID">User name with sysadmin role</param> /// <param name="Password">Sysadmin user password</param> public static void CreateNewDatabaseSqlserver(string Server, string NewDatabaseName, string UserID, string Password) { string sqlCreateDBQuery = " CREATE DATABASE " + NewDatabaseName; SqlConnection connection = new SqlConnection(); connection.ConnectionString = "SERVER = " + Server + "; DATABASE = master; User ID = " + UserID + "; Pwd = " + Password; SqlCommand myCommand = new SqlCommand(sqlCreateDBQuery, connection); try { connection.Open(); myCommand.ExecuteNonQuery(); } catch { }//(System.Exception ex) finally { connection.Close(); } return; } #endregion
使用:在SQL服务器上创build使用系统pipe理员权限进行login:AdminAPI
SQLserverAPI.CreateNewDatabaseSqlserver("yourServer.cloudapp.net,1433", "databaseName", "AdminAPI", "password*"); SQLserverAPI.CreateLoginInSqlServer("yourServer.cloudapp.net,1433", "AdminAPI", "password*", "My_Login", "password*"); SQLserverAPI.CreateUserInDatabase("yourServer.cloudapp.net,1433", "AdminAPI", "password*", "databaseName", "User1", "My_Login"); SQLserverAPI.AddUserToRoles("yourServer.cloudapp.net,1433", "AdminAPI", "password*", "databaseName", "db_datareader", "User1"); SQLserverAPI.AddUserToRoles("yourServer.cloudapp.net,1433", "AdminAPI", "password*", "databaseName", "db_datawriter", "User1"); SQLserverAPI.AddUserToRoles("yourServer.cloudapp.net,1433", "AdminAPI", "password*", "databaseName", "db_owner", "User1");
当然,通常情况下,您不希望将所有者权限授予用户。 这就是我们这些在DBA世界里所说的“坏事”。