AnsweredAssumed Answered

how to hide SDE Schema

Question asked by haniu_ntt on Sep 10, 2014
Latest reply on Sep 10, 2014 by haniu_ntt

dear experts,


I am confused.


I create a new login "dbadmin" with Server Role : Public, Diskadmin, securityadmin,sysadmin, serveradmin and dbcreator

I already have a geodatabase with the system table under schema SDE. and also i have some tables under DBO schema

With this dbadmin, i create a Database Role: role_editor, and also i create user named "user_editor". User_editor is member of role_editor


In the Database Role property for role_editor, i specify permission for dbo: SELECT,INSERT,ALTER,EXECUTE,DELETE and UPDATE. For sde, i do not specify any permissions.


Question is:

1. when i log on as user_editor, I can see all tables in SDE schema. I can do "select * from sde.tabelxxx" too. Why ? Should SDE tables be hidden ?

2. Then I change the permission of sde in Database Role role_editor so that the SELECT is DENY. Then I cant do SELECT. Why should I specify DENY SELECT for SDE schema ? Shouldnt SELECT is automatically denied since i do not state the permission on SDE schema ?

3. Shouldnt it the other way around, i should specify permission in the Database Role for SDE schema instead of DBO ?


[Database: SQL Server 2012, ArcSDE 10.1]