Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
vanbasten
Starting Member
7 Posts |
 Posted - 2012-07-03 : 16:35:34
|
| Recently I have a db moved to a new server by attaching the mdf and ldf files. Then I setup a Windows Authenticated login using a Windows domain account on this new server. The only server role on this domain account is "public". And it has only "db_owner" role on db1.For some reason, this domain account can access all the databases on this instance (not just db1) and it can even create new databases, just like as if it has the sysadmin role (it doesn't). Is there any way to check what is wrong with the role/permission on this domain account? This domain account is not a local admin I don't think.Thanks. |
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
|
|
vanbasten
Starting Member
7 Posts |
Posted - 2012-07-03 : 18:33:16
|
| account name type privilege mapped login name permission path-----------------------------------------------------------------------------------COMPANY\account1 user admin COMPANY\account1 BUILTIN\AdministratorsYou are right. The permission path of the Domain\Username shows "BUILTIN\Administrators". However, I checked the members of Administrator and this domain account is not in there. I did copy this database from an old server (running SQL 2005) where this domain account was a local admin. After I attached this db to this new server (SQL 2008), is it possible that some permission information get carry over? Thanks. |
 |
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
|
|
|
|
|
role on a domain account