Microsoft KB Archive/247749

From BetaArchive Wiki
Knowledge Base


Article ID: 247749

Article Last Modified on 3/14/2006



APPLIES TO

  • Microsoft SQL Server 7.0 Standard Edition



This article was previously published under Q247749

BUG #: 56806 (SQLBUG_70)

SYMPTOMS

If a user or role has table level permissions and column level permissions on a particular table, the SQL Script generated using Enterprise Manager does not script both the permissions. Enterprise Manager only generates table level permissions.

STATUS

Microsoft has confirmed this to be a problem in SQL Server 7.0. This problem has been corrected in U.S. Service Pack 3 for Microsoft SQL Server 7.0. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

274799 INF: How to Obtain Service Pack 3 for Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0


For more information, contact your primary support provider.

MORE INFORMATION

Steps to Reproduce Behavior

Use these steps to reproduce the behavior:

  1. Create a table named table1 using this code:

    CREATE TABLE [dbo].[table1] (
        [col1] [varchar] (16) NOT NULL ,
        [col2] [int] NULL 
    ) ON [PRIMARY]
    GO
                        
  2. Create a Role named role1 using this code:

    EXEC sp_addrole N'role1'
                        

Case1

Run the following code:

GRANT  SELECT,  INSERT,  DELETE  ON [dbo].[table1]  TO [role1]
GO
                

Generate the SQL script using SQL Enterprise Manager. This successfully shows everything including the Table Level Permissions.

Case2

Next, run this code:

GRANT  UPDATE  ON [dbo].[table1] ([col1]) to role1
GO
                

Generate the SQL script using SQL Enterprise Manager. This successfully shows everything including the Column Level Permissions

Case3

Now, run this code:

GRANT  SELECT ,  INSERT ,  DELETE  ON [dbo].[table1]  TO [role1]
GO
GRANT  UPDATE  ON [dbo].[table1] ([col1]) to role1
GO
                

Generate the SQL script using SQL Enterprise Manager. This will only show Table Level Permissions, No Column Level Permissions.

The order of the execution of the GRANT statements (first table level then Column level or vice versa) does not matter. The generated SQL Script does not have the Column Level Permissions, but in actuality, can do all the things like UPDATE on the specific column the user is permitted to and perform all the activities that the user is permitted to at the table level. The actual permissions are intact, they just are not shown in the script that is generated.


Additional query words: column permission script

Keywords: kbbug kbfix KB247749