The SELECT ALL USER SECURABLES
permission in SQL Server 2014 CTP1 is a very useful new server-level permission.
When granted, the login that was granted this permission can view the data in all databases that the user can connect to.
For example, consider a scenario where you have the following three databases:
Each database has a different login that accesses its data. So if you do not have sysadmin access on the SQL Server instance, in order to access the data in all databases you will have to log in three times, each time using a different login.
However, if the DBA grant a new login (for example db123) with the "SELECT ALL USER SECURABLES" permission then the new login will be able to access the data in all three databases.
Using the visual way, you can achieve this using two steps:
|Step 1: Map the login (db123) to the default schema of DB1, DB2 and DB3|
|Step 2: Grant the login (db123) with the "Select All User Securables" permission|
As you can see in the last screenshot, it was possible to retrieve the data from all three databases by just using the login db123 which was only granted with the server-level permission "Select All User Securables":
My Latest Projects:
Labels: SQL Server 2014, SQL Server Administration