The docs for SQL Server 2005 say that in order to execute SET IDENTITY_INSERT for an object, that the..."User must own the object, or be a member of the sysadmin fixed server role, or the db_owner and db_ddladmin fixed database roles."(http://msdn.microsoft.com/en-us/library/ms188059(SQL.90).aspx)This is not quite true, as it implies that a user only in db_owner or only in db_ddladmin cannot call the command. The way it is worded makes it seem like the two roles need to be tied together in order to be useful for this purpose. How the statement should be worded is as follows:"User must own the object, or be a member of the sysadmin fixed server role, or either the db_owner or db_ddladmin fixed database roles."I believe the misinterpretation occurred when the statement was lifted (and re-worded) from the 2000 doc, which states:"Execute permissions default to the sysadmin fixed server role, and the db_owner and db_ddladmin fixed database roles, and the object owner."(http://msdn.microsoft.com/en-us/library/aa259221(SQL.80).aspx)Obviously the mention of db_owner and db_ddladmin here are together for convenience, but remain independent in meaning.Different context and quite similar wording can lead to confused users (which is what spurred this entry).Also, it is missing the fact that a regular user who has only been granted ALTER on the table in question is also able to affect the SET IDENTITY_INSERT setting.
Version
Category
Operating System
Platform