How to create a new user in a remote offline database without elevating roles [closed]

Question

Closed. This question needs details or clarity. It is not currently accepting answers.

---

Want to improve this question? Add details and clarify the problem by editing this post.

Closed last year.

Improve this question

An enterprise C++ system that needs to be "translated", uses ODBC for connecting to SQL Server Database.

The system has one central main database, many distributed local databases, which are actually offline and are periodically kept updated with the central database by exchanging merging xml files, something like a star topology. The distributed databases are stored on many different OS and different local domains.

Each user has been registered in the SQL Server and with certain user roles on the database. The number of login users at the database were kept fixed.

My question is how the remote new user to create/update his own profile and/or credentials without the need to elevate his rights.

Answer 1

Use a signed stored procedure. The right to alter logins is encapsulated within the SP. The users only have rights to execute the SP, not amend logins directly. You may need several SPs to cover different aspects for administration.