先贴上我实际测试的效果

方法一:

Problem

I have a SQL Server instance that has hundreds of databases.  Navigating the database tree in SSMS is a pain and I was wondering if there was a way to limit the list of databases that I see in SSMS?

Solution

SQL Server consolidation is becoming more popular these days to reduce costs and therefore more and more databases are being put on one instance. It is very common to host multiple databases on a consolidated instance from multiple applications and departments and sometimes application owners want to hide their databases to other users of the instance. They do not want to make their database visible to others. This tip will give you an understanding on how databases can be hidden.

Setup

Suppose there are two databases A and B from two different applications and they are hosted on the same SQL Server instance. The users of database A are not allowed to see database B and vice versa. Here we will create two different logins user_A and user_B and give them appropriate rights to their own databases.

CREATE DATABASE A

GO

CREATE DATABASE B

GO

CREATE LOGIN user_A with password='U$er_A@1234'

Go

CREATE LOGIN user_B with password='U$er_B@1234'

Go

USE A

GO

CREATE USER user_A for login user_A;

GO

EXEC sp_addrolemember 'db_owner', 'user_A'

GO

USE B

GO

CREATE USER user_B for login user_B

GO

EXEC sp_addrolemember 'db_owner', 'user_B'

NOTE:-DO NOT MAKE CHANGES IN PRODUCTION WITHOUT PROPER TESTINGS IN LOWER-LIFE CYCLE ENVIRNOMENTS

Hiding all user databases for all logins

Suppose you want to hide all databases for all logins. Generally we hide our databases for security purposes. We can run the below statements to hide all databases for all logins. The databases will then only be visible to sysadmin logins or owners of the database.

USE MASTER

GO

DENY VIEW ANY DATABASE TO PUBLIC

GO

Once you run the above statement, you will not be able to see any databases in SQL Server Management Studio unless you are a sysadmin or your login is the owner of a database(s).

Here you can see in the below screen shot, I have connected using logins user_A and user_B and none of the user databases are showing after running the Deny View access to public.

Only sysadmins and database owners can see databases

To allow the logins to see their databases, I will make both logins the owners for their respective databases. User_A will be owner of database A and user_B will be the owner of database B. Run the below statements to change the database owners.

USE A

GO

SP_changedbowner [USER_A]

GO

USE B

GO

SP_changedbowner [USER_B]

We can check the database owners by running sp_helpdb. As you can see in the below screenshot that the database owners have been changed for both databases.

Now we can connect to the SQL Server instance again using both logins and see the changes compared to before.  Here we can see that only one database is visible for both logins. Database A is visible to user_A and database B is visible to user_B. This is because both logins are now the database owners of these databases.

Does making a user a db_owner work

Now we will create a new login user_C and assign db_owner access to both databases and check whether these databases are visible to this new login.

CREATE LOGIN user_C with password='U$er_c@13'

GO

USE A

GO

CREATE USER user_C for login user_C;

GO

EXEC sp_addrolemember 'db_owner', 'user_C'

GO

USE B

GO

CREATE USER user_c for login user_C

GO

EXEC sp_addrolemember 'db_owner', 'user_C'

As we can see below, neither of these databases are visible for login user_C.  So from this we can see that you have to be the database owner to be able to see the databases in SQL Server Management Studio if the DENY VIEW ANY DATABASE is enabled for public.

Steps to hide databases for a specific login

Suppose we don't want to do this across the board, but only do this for a specific login.  We can run the below statement instead of DENY VIEW ANY DATABASE TO PUBLIC. After running the below statement, this login won't be able to see databases except for any database that this login is the database owner, but all other logins can see the database as long as you did not also deny view to Public.

USE MASTER

GO

GRANT VIEW ANY DATABASE TO PUBLIC; -- turn this back on if it was off

GO

DENY VIEW ANY DATABASE TO USER_A;

GO

Steps to view all databases

By default, the VIEW ANY DATABASE permission is granted to the public role. Therefore, by default, every user that connects to an instance of SQL Server can see all databases in the instance. To grant the VIEW ANY DATABASE permission to a specific login or to all logins run the following query:

--To grant the VIEW ANY DATABASE permission to a specific login.

USE MASTER

GO

GRANT VIEW ANY DATABASE TO [login_name];

GO

--To grant the VIEW ANY DATABASE permission to public.

USE MASTER

GO

GRANT VIEW ANY DATABASE TO PUBLIC;

Go

Note that if you use the DENY VIEW to PUBLIC this overrides the setting for an individual login, so if you DENY VIEW to PUBLIC and GRANT VIEW to a specific login this login will still not be able to see the databases.

If you are using DENY VIEW to PUBLIC and you want a login to still be able to see all databases without making that login a sysadmin you can do the following.  Make the login a user in the master database and make that user a db_owner of the master database.  This is not a very good option from a security perspective, but this does work.  This way a login can see all databases without having to be a sysadmin.

Conclusion

As you can see from the above, there are limited options to hiding databases.  Once you hide all databases the only logins that can see the databases are the logins that are the owners of the database or if the login is a sysadmin.  Also, each database can only have one owner, so you can't assign multiple owners to the same database.

Next Steps
  • Follow this process to hide your databases in SQL Server Management Studio.
  • Read more SSMS tips

引用资料:How to hide SQL Server user databases in SQL Server Management Studio

方法二:

引用地址

USE master;

GO

DENY VIEW ANY DATABASE TO [newlogin]; --关闭指定用户的查看任意数据库权限

GO

USE yourDB;

GO

DROP USER newlogin;--从指定数据库中删除登录用户

GO

USE master;

GO

ALTER AUTHORIZATION ON DATABASE::yourDB TO [newlogin];--对指定数据库重新授权用户(同时也修改了拥有者)

GO

sql server 中隐藏掉无关数据库的更多相关文章

  1. 转:SQL Server中服务器角色和数据库角色权限详解

    当几个用户需要在某个特定的数据库中执行类似的动作时(这里没有相应的Windows用户组),就可以向该数据库中添加一个角色(role).数据库角色指定了可以访问相同数据库对象的一组数据库用户. 数据库角 ...

  2. SQL Server中怎么查看每个数据库的日志大小,以及怎么确定数据库的日志文件,怎么用语句收缩日志文件

    一,找到每个数据库的日志文件大小 SQL Server:查看SQL日志文件大小命令:dbcc sqlperf(logspace) DBA 日常管理工作中,很重要一项工作就是监视数据库文件大小,及日志文 ...

  3. SQL Server 中4个系统数据库,Master、Model、Msdb、Tempdb。

    (1)Master数据库是SQL Server系统最重要的数据库,它记录了SQL Server系统的所有系统信息.这些系统信息包括所有的登录信息.系统设置信息.SQL Server的初始化信息和其他系 ...

  4. 如何隐藏掉SQL Server中自带系统数据库,数据表,存储过程等显示文件,只显示用户的数据库,数据表等文件

    企业管理器了,---->   编辑该数据库的注册属性--->“常规”属性页下面-->“显示系统数据库和系统对象”的选项去掉

  5. sql server中的系统数据库

    1.master数据库 master是SQL Server中最重要的数据库,是整个数据库服务器的核心.用户不能直接修改该数据库,如果损坏了master数据库,整个SQL Server服务器将不能工作. ...

  6. 多个程序对sql server中的表进行查询和插入操作导致死锁

    最近在做一个项目,是要用多个程序对sql server中的相同的数据库进行操作(查询和插入),所以在开始的时候常会出现死锁问题,后来在网上进行了咨询,发现了一些解决方法,留作大家参考: 并发去操纵一张 ...

  7. 解决SQL Server中无管理员账户权限问题

    遇到忘记SQL Server管理员账户密码或管理员账户被意外删除的情况,如何在SQL Server中添加一个新的管理员账户?按一下步骤操作可添加一个windows账户到SQL Server中,并分配数 ...

  8. SQL Server 中为何拥有db_owner权限的账号删除不掉数据库

    今天在公司的SQL Server服务器上,使用了一个只有public和dbcreator角色的账号"user1"在SMSS中去删除一个数据库,但是死活报错说没有权限,报错如下: D ...

  9. 如何进行数据库,比如ORACLE,SQL SERVER的逆向工程,将数据库导入到PowerDesigner中

    Oracle的反向工程就是指将Oracle中的数据库,当然也可以是SQL Server中的数据库导入到PD中,这个需要建立一个数据库的链接,然后进行逆向工程的操作. 第一步:建立数据库的链接: Pow ...

随机推荐

  1. C#开发微信门户及应用(4)--关注用户列表及详细信息管理

    在上个月的对C#开发微信门户及应用做了介绍,写过了几篇的随笔进行分享,由于时间关系,间隔了一段时间没有继续写这个系列的博客了,并不是对这个方面停止了研究,而是继续深入探索这方面的技术,为了更好的应用起 ...

  2. Java第三方数据库连接池库-DBCP-C3P0-Tomcat内置连接池

    连接池原理 数据库连接池的基本思想就是为数据库连接建立一个“缓冲池”.预先在缓冲池中放入一定数量的连接,当需要建立数据库连接时,只需从“缓冲池”中取出一个,使用完毕之后再放回去.我们可以通过设定连接池 ...

  3. 模块化你的JS代码

    为什么要使用模块模式? 因为在全局作用域中声明的变量和函数都自动成为全局对象Window的属性,这经常会导致命名冲突,还会导致一些非常重要的可维护性难题,全局变量越多,引入错误BUG的概率就越大!所以 ...

  4. 中国式商业智能报表ActiveReports免费公开课,10月20日开讲

    ActiveReports公开课全方位报表解决方案,满足商业报表五大需求 [开课时间]10月20日[主讲老师]葡萄城报表产品经理[开课形式]网络在线公开课[活动费用]前50名免费 适合人群:报表开发人 ...

  5. java socket传送一个结构体给用C++编写的服务器解析的问题

    另一端是Java写客户端程序,两者之间需要通信.c++/c接收和发送的都是结构体,而Java是直接发送的字节流或者byte 数组.解决方法:c++/c socket 在发送结构体的时候其实发送的也是字 ...

  6. swift学习笔记3——类、结构体、枚举

    之前学习swift时的个人笔记,根据github:the-swift-programming-language-in-chinese学习.总结,将重要的内容提取,加以理解后整理为学习笔记,方便以后查询 ...

  7. IOS 杂笔-9 (MD5 加密)

    首先是一段对MD5的简介 *出自一位大牛之手* Message Digest Algorithm MD5(中文名为消息摘要算法第五版)为计算机安全领域广泛使用的一种散列函数,用以提供消息的完整性保护 ...

  8. Extjs5 tree扩展----treepanel树组件

       Ext.define('MyExtend.lib.TreeFilter', {         filterByText: function(text) {             this.f ...

  9. angularJS 学习演示

    开源网址(带中文说明注释):https://github.com/EnhWeb/angularJS.git

  10. ASP.NET MVC 3 网站优化总结(一) 使用 Gzip 压缩

    网站开启 Gzip 压缩的好处相信很多人都已经清楚,这样做可以提高网站的性能.那么为什么很多网站没有开启 Gzip 压缩功能呢?原因有4点:防病毒软件.浏览器 bug.网站代理和服务器未配置. 使用 ...