Toad World Blog

SQL SERVER – Unable to See Tables (Objects) in SSMS

Mar 1, 2017 7:30:12 PM by Pinal Dave

Once I was thrown into an interesting situation where a client told me that he can see the data from the table but not the table. I asked him to elaborate more and he sent me below screenshots where he was unable to see the table in SSMS.

Below we can see that Sysadmin level account is connected to SQL Server and it can see database foo and also Table_1 in the database.

Below is from a non-sysadmin user who is not able to see the database in object explorer BUT when he queries the table Table_1 in foo database, it works fine.

I took a little time to capture profile when opening management studio. It didn’t take much time to realize that there is somewhere we have DENY permission applied. I have asked to share the output of below query.

USE master
GO
SELECT class
,major_id
,grantee_principal_id
,permission_name
,state_desc
FROM sys.server_permissions
WHERE state_desc = 'DENY'
GO

USE foo -- permission in database
GO

SELECT class
,major_id
,grantee_principal_id
,permission_name
,state_desc
FROM sys.database_permissions
WHERE state_desc = 'DENY'
GO

Here is the output.

So, as we can see, we have DENY permission on VIEW ANY DATABASE and that’s why we are seeing above behavior.

 

WORKAROUND / SOLUTION

We need to REVOKE the DENY permission which was given earlier.

USE master
REVOKE VIEW ANY DATABASE FROM SQL1
USE foo
REVOKE VIEW DEFINITION ON table_1 FROM SQL1

Here is the query which was used to create this scenario

USE master
DENY VIEW any database TO SQL1
USE foo
DENY VIEW DEFINITION on table_1 to SQL1

As a DBA, now you can avoid users to see the schema of database/table in SSMS. Have you used such lower level permissions in SQL Server?

Reference: Pinal Dave (http://blog.SQLAuthority.com)

Tags: SQL Server SQL Tips and Tricks

Pinal Dave

Written by Pinal Dave

Pinal Dave is a Microsoft Technology Evangelist (Database and BI). He has written over 1700 articles on the subject on his blog at http://blog.sqlauthority.com. He is a dynamic and proficient Principal Database Architect who specializes in SQL Server Performance Tuning and has 7+ years of hands-on experience. He holds a Masters of Science degree and a number of certifications, including MCTS, MCDBA and MCAD (.NET). He is also Regional Mentor for PASS Asia. Prior to joining Microsoft he was awarded Microsoft MVP award for three continuous years for his contribution in community.