How to create a new user in a remote offline database without elevating roles [closed]
https://dba.stackexchange.com/questions/259520
-
23-02-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
An enterprise C++ system that needs to be "translated", uses ODBC for connecting to SQL Server Database.
The system has one central main database, many distributed local databases, which are actually offline and are periodically kept updated with the central database by exchanging merging xml files, something like a star topology. The distributed databases are stored on many different OS and different local domains.
Each user has been registered in the SQL Server and with certain user roles on the database. The number of login users at the database were kept fixed.
My question is how the remote new user to create/update his own profile and/or credentials without the need to elevate his rights.
Solution
Use a signed stored procedure. The right to alter logins is encapsulated within the SP. The users only have rights to execute the SP, not amend logins directly. You may need several SPs to cover different aspects for administration.
