Question : How do I grant execute permission on sp_oacreate in the master db?

Question : How do I grant execute permission on sp_oacreate in the master db?

Hi everyone
I am trying to run the sp_oacreate master procedure from within a trigger on a sql 2005 database table. So far the only solution i have found that works is to add my database role and user roles just as they are in my current database to the master database as well. I am using NT authentication.

The error I’m getting when i update the table with the trigger in vb is:
42000: [Microsoft][ODBC SQL Server Driver][SQL Server]EXECUTE permission denied on object ‘sp_OACreate’, database ‘mssqlsystemresource’, schema ‘sys’.

Any help would be appreciated


 

Solution: How do I grant execute permission on sp_oacreate in the master db?

Using the sysadmin fixed server role will allow access to these SPs, but is generally a bad idea due to the security risks. You may consider an alternate approach such as a certificate.

In any case to add a login to the server level sysadmin role execute the following:

use master
exec sp_addsrvrolemember ‘loginname’, ‘sysadmin’

Contrary to rboyd56’s statement, it is possible (I have done it successfully myself)  to grant permissions on these system stored procedures to a user that is not a member of the sysadmin role. Run the following to grant the group of system stored procedures to a specific username

use master
grant exec on sp_OACreate to username
grant exec on sp_OAGetErrorInfo to username
grant exec on sp_OAMethod to username
grant exec on sp_OAGetProperty to username
grant exec on sp_OADestroy to username

You will want to map the existing login for your username to a user in Master because the permission cannot be directly addressed to the login.

Thanks,