SQL Server 2005 has given us the ability to allow more granular permissions, one of which is the EXECUTE AS clause. This would give the user the ability to impersonate a more privileged user should there be a need to do so. But before a user can do impersonation, it must be given the permission to impersonate. This is where the GRANT IMPERSONATE permission is needed - where a lower privileged user needs to impersonate a higher privileged user and not the other way around, I presume.
I've written an article on MSSQLTips.com to demonstrate how to use the EXCECUTE AS clause with the REVERT clause to impersonate users
No comments:
Post a Comment