Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 General SQL Server Forums
 New to SQL Server Administration
 Delete permission Denied

Author  Topic 

dolphin123
Yak Posting Veteran

84 Posts

Posted - 2013-08-15 : 09:43:54
Hello,

Version: SQL server 2008
I created a Windows SQL server account, not a SQL account (i.e. added an account that is on AD.

Added "public" and "db_owner" permission to a database.

when that user runs a simple "delete" command, he gets "delete permission denied" error.

When I give him "server role" sys admin, he is able to run this command.

I really thought db_owner permission should give him to run any scripts except for some hardcore permission changed on that database.

Am I wrong? Or is something wrong with this user.

I even tried deleting his accounts from the database (Database - users) and re adding him but it doesn't work.

- D

Hommer
Aged Yak Warrior

808 Posts

Posted - 2013-08-15 : 11:41:56
Have you mapped or added that user to the db_owner database role?
Go to Top of Page

jeffw8713
Aged Yak Warrior

819 Posts

Posted - 2013-08-19 : 14:35:41
Is that user a part of an AD security group - where that security group has explicitly been denied delete access to the tables?
Go to Top of Page

tkizer
Almighty SQL Goddess

38200 Posts

Posted - 2013-08-19 : 15:53:41
Is it simple delete command or is it trying to accessing an object in another database? If the answer is no, then the issue must be what Jeff mentioned.

Tara Kizer
Microsoft MVP for Windows Server System - SQL Server
http://weblogs.sqlteam.com/tarad/

Subscribe to my blog
Go to Top of Page

Bustaz Kool
Master Smack Fu Yak Hacker

1834 Posts

Posted - 2013-08-19 : 18:18:15
Is there a trigger on the table?

=================================================
The cure for anything is salt water -- sweat, tears, or the sea. -Isak Dinesen
Go to Top of Page

dolphin123
Yak Posting Veteran

84 Posts

Posted - 2014-06-25 : 12:11:32
This is unbelievable.
Here is the summary
===================
There user belongs to 7 AD user groups that has an account on this SQL server instance.
Only one of them has access to the Database in question. (When I select Security - Logins - User Mapping).
And this group has db_owner permission on the database (If I see in Usermapping for the database; Server role is public).
On the the database, i did this:

select * from sys.database_permissions
where grantee_principal_id in (USER_ID('domainname\Group'))

it returns this:
http://screencast.com/t/alTPJbmZPXAr

So, i guess this is ok. or should it say "Delete" under "permissions" column there?

So confused with this issue.
Go to Top of Page

rajbtm05
Starting Member

3 Posts

Posted - 2014-07-09 : 03:51:40
It so happens with few database objects that user with db_owner role is not able to perform the required operations.

For a workaround, you can exclusively grant delete privileges on the objects required using GRANT DELETE.

If you want to review further on the cause, look for the login 'dbo' is mapped to and reset owner to 'sa'.
Go to Top of Page
   

- Advertisement -