Grant Execute Permission to a User on all non-system stored procedures

by Posted on

We could easily grant execute permission to a user on all stored procedures on a database as below.

USE 
GO
GRANT EXECUTE TO 
GO

But unfortunately, our database will be at risk since the user would have got access to almost all stored procedures including the system stored procedures in that database. Hence use below steps to grant access to non-system stored procedures securely.

  1. Run below script on the database and copy the output. 
    • USE 
   GO
   SELECT 'EXEC(''GRANT EXECUTE ON 
      '+OBJECT_SCHEMA_NAME(object_id)+'.' + name + '
      TO []'')' 
      from sys.procedures ORDER BY name
   GO
  2. Paste the output to a new query window.
  3. Add “USE <database name>” at the beginning of the pasted output code and execute.

Note: Values inside ‘<‘ and ‘>’ has to be replaced with your actual database name and user information where ever required.

Published by Sherbaz

Technology enthusiast Sherbaz is a Microsoft certified SQL Server Subject Matter Expert. He had fun automating day to day task to achieve management goals. He has extensive hands-on experience in high availability deployments and support with several years of industry experience performing SQL Server installations, configuration, maintenance, backups, performance tuning, Transactional & P2P replication, migration, high availability solutions (Always on, Failover Clustering, Logshipping and Mirroring) and Disaster recovery. Sherbaz also has basic hands-on experience in other DBMSs like MongoDB, Oracle 9i, 10g, Sybase and MySQL. 1 year on Mongodb, Oracle 9i & 10g. Completed M102 & M202 courses in MongoDB. Sherbaz spends his spare time with automation in electronics, embedded system circuits and IOT in his private lab at home. Also, he supports his customers and users at www.SplitExpense.in for issues with app, website or telegram chat bot @SplitExpenseBot https://t.me/SplitExpenseBot. @TheSherBot https://t.me/TheSherBot is another telegram chat bot, partially artificial intelligent, programmed and maintained by him on python and backend Mongodb database. Sherbaz always showed interest learning new technologies and to think out of the box bringing innovation in work. Some of his work is documented @ www.sherbaz.com. He is now busy learning 3D modeling software on his roadmap towards building his next hobby build, A 3D PRINTER. Subscribe to his youtube channel https://www.youtube.com/c/SherbazMohamed/

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.