Permissions

I'm using sql 2000 and access 2002. I've created two
groups, users and admin. I've created two forms based on
two queries, FullView and LimitedView. Each query is
based on 10 different tables and each form is meant to be
read only. The only difference between the two queries is
a few fields that contain sensitive data.
I'm trying to use Enterprise Manager to assign
permissions. I've given the user and admin groups
db_datareader and db_datawriter permissions (both groups
will need to have write permission on other tables). I've
given both groups Select, Insert and Update on each of
the Tables the queries are based on.
I've given Select permissions for the admin group on the
FullView query and denied permissions to the users group.
And I've given Select permissions to users on the
LimitedView query.
After doing this the users can access both the FullView
and LimitedView queries.
What I'm doing wrong? Also, can anyone point me to some
information on assigning permissions?
Thanks for the help,
PaulIn future, you should start a new thread for a question instead of
piggybacking on an existing thread. Many people smiply blow by
questions that have replies. Here's a good resource to help you get
started with SQL Server security:
[url]http://www.microsoft.com/sql/techinfo/administration/2000/security/default.asp[/ur
l]
The reason the users can see both views is that you've granted them
permissions to select from the base tables. Bear in mind that if you
want users to update data through the view using Access you have to
use the VIEW_METADATA syntax when creating the view.
--Mary
On Mon, 16 Aug 2004 05:31:00 -0700, "Paul Scott"
<anonymous@.discussions.microsoft.com> wrote:

>I'm using sql 2000 and access 2002. I've created two
>groups, users and admin. I've created two forms based on
>two queries, FullView and LimitedView. Each query is
>based on 10 different tables and each form is meant to be
>read only. The only difference between the two queries is
>a few fields that contain sensitive data.
>I'm trying to use Enterprise Manager to assign
>permissions. I've given the user and admin groups
>db_datareader and db_datawriter permissions (both groups
>will need to have write permission on other tables). I've
>given both groups Select, Insert and Update on each of
>the Tables the queries are based on.
>I've given Select permissions for the admin group on the
>FullView query and denied permissions to the users group.
>And I've given Select permissions to users on the
>LimitedView query.
>After doing this the users can access both the FullView
>and LimitedView queries.
>What I'm doing wrong? Also, can anyone point me to some
>information on assigning permissions?
>Thanks for the help,
>Paul