回答:
これが私たちの解決策です(私はそれが完全に機能すると信じています!)
実行レポートの格納方法に関する手順を調査したところ、ジョブが実行されるたびに、SSISDBのinternal.executionsテーブルが更新されることがわかりました。そして、この実行の実行レポートを表示するには、以下のようなものを実行する必要があります。
EXEC SSISDB.catalog.grant_permission
@object_type = 4,
@object_id = @execution_id,
@principal_ID = 13,
@permission_type = 1;
このストアドプロシージャは、データベース内のオブジェクトへの特定のアクセスを役割/ユーザーに許可します。@object_typeは、権限が必要なオブジェクトのタイプを意味します(4は操作を意味します)。@object_idは、アクセスしたい特定のオブジェクトを意味します。@principal_IDは、アクセスを取得するユーザーを意味します。permission_typeは、どのような種類のアクセスを許可するかを意味します(1は読み取り専用を意味します)。詳細については、catalog.grant_permission(SSISDBデータベース)を参照してください。
ターゲットは、ジョブが実行されるたびに、つまりinternal.executionsテーブルが挿入されるトリガーを作成することです。上記のSPを使用して、その操作情報に対する権限をロールに付与します。
次に、以下の手順に従って、実行レポートの表示権限を設定します。
トリガーが実行されるユーザーを作成します。このユーザーは、SSISDBでトリガーを実行でき、SSISカタログにアクセスできる必要があります。この例では、SSISDBの下にdb_ownerロールとssis_adminを割り当てます。
USE [master]
GO
CREATE LOGIN [ssis_job_viewer] FROM WINDOWS WITH DEFAULT_DATABASE=[master]
GO
USE [SSISDB]
GO
CREATE USER [ssis_job_viewer] FOR LOGIN [ssis_job_viewer]
GO
USE [SSISDB]
GO
ALTER ROLE [db_owner] ADD MEMBER [ssis_job_viewer]
GO
USE [SSISDB]
GO
ALTER ROLE [ssis_admin] ADD MEMBER [ssis_job_viewer]
GO
役割[package_execution_viewer]を作成します。このロールは、前述のストアドプロシージャで使用されます。
USE [SSISDB]
GO
CREATE ROLE [package_execution_viewer]
GO
[package_execution_viewer]にユーザーを追加する
USE [SSISDB]
GO
ALTER ROLE [package_execution_viewer] ADD MEMBER [user1]
GO
USE [SSISDB]
GO
ALTER ROLE [package_execution_viewer] ADD MEMBER [user2]
GO
package_execution_viewerロールのprincipal_idを取得します。このIDは、上記のSPでも使用されます。
SELECT * from sys.database_principals
GO
package_execution_viewerに権限を付与するトリガーを作成します
USE [SSISDB]
GO
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE TRIGGER [internal].[update_viewer_perms]
ON [internal].[executions]
WITH EXECUTE AS 'ssis_job_viewer'
AFTER INSERT
AS
declare @execution_id bigint
BEGIN
select @execution_id = execution_id from inserted
EXEC SSISDB.catalog.grant_permission
@object_type = 4,
@object_id = @execution_id,
@principal_ID = 13,
@permission_type = 1 **--Note the principal_id needs to be changed**
END
GO
準備完了。このようにして、ssis_adminにせずに実行レポートにアクセスできるようにします。試してみて、この投稿に対する考えを共有してください!
私は警備員ではないことに注意してください...
ssis_admin
SSISDBにとって特別なもの以外に、事前定義されたデータベースロールはありません。これにより、SSISのすべてのことを実行できますが、サポート担当者が持っているべき能力よりも明らかに強力です。
スキーマは2つinternal
ありcatalog
ます。カタログは、エンドユーザーが内部でSSISDBを操作して、優れたマニュアルを引用することを目的としています
IST NICHTFÜRDER GEFINGERPOKEN UND MITTENGRABEN!
プロファイラーを起動し、実行レポートとサブレポートをクリックしていくのを見ました。すべてのクエリは、catalog
スキーマに対するインラインクエリです。catalog
スキーマにあるprocと関数はすべてパッケージのメンテナンスと管理に関連しているように見えるので、
Martinの回答で実行すると、すべてのカタログベースのビューへのアクセスを許可できますが、私は怠惰です。
私はこのようなことをしようと思います。という名前のロールを作成しLookIt
、それにメンバーを追加して、カタログスキーマ全体に対するSELECT権限を付与します
USE [SSISDB]
GO
CREATE ROLE [LookIt]
GO
USE [SSISDB]
GO
ALTER ROLE [LookIt] ADD MEMBER [MyPeople]
GO
use [SSISDB]
GO
GRANT SELECT ON SCHEMA::[catalog] TO [LookIt]
GO
SQL Server 2016をご覧になっている方は喜んでください。特権のないユーザーがネイティブのレポートツールを使用できるようにする新しいSSISロールが近づいています。その役割は、その役割ssis_logreader
へのメンバーシップの付与と呼ばれ、ユーザーはSSISインスタンスまたはサーバー全体を管理する機能を許可せずにすべてのレポートにアクセスできます。
非常に単純に... WHERE
これらの2つのビューで節をコメント化します。
SSISDB.catalog.executions
SSISDB.catalog.event_messages
できました。
句をcatalog.event_messages
コメント化してビューを変更しますWHERE
。
--WHERE opmsg.[operation_id] in (SELECT [id] FROM [internal].
--[current_user_readable_operations]) OR (IS_MEMBER('ssis_admin') = 1) OR
--(IS_SRVROLEMEMBER('sysadmin') = 1)
ビューに対しても同じことを行いますCatalog.executions
。
副作用はまだ発生しておらず、PROD環境とQA環境の両方で3か月間使用しています。
だから、これは私が過去数日間に遭遇した問題であり、答えのどれも正確には役に立たなかったものの、私はこの投稿が間違いなく役に立ったと言わなければなりません。
したがって、この投稿の状態のように、必要のない環境でSSIS_adminロールを付与する必要なしに、統合されたIntegration Services Catalogレポートを表示するアクセス権を付与したいと思いました。そして、答えを見つける手助けをしてくれたbillinkcに感謝します。彼が言ったように、彼らはSQL 2016でこの問題を修正しました。これにより、SQL 2016が以前のバージョンで行ったことを単にコピーするというアイデアが得られました。だからここにあなたがしなければならないことです:
OR (IS_MEMBER('ssis_logreader') = 1)
して、where句に含めます。[カタログ]。[操作]
[カタログ]。[operation_messages]
[カタログ]。[event_message_context]
[カタログ]。[イベントメッセージ]
[カタログ]。[executable_statistics]
[カタログ]。[実行ファイル]
[カタログ]。[execution_component_phases]
[カタログ]。[execution_data_statistics]
[カタログ]。[execution_data_taps]
[カタログ]。[execution_parameter_values]
[カタログ]。[execution_property_override_values]
[カタログ]。[実行]
[カタログ]。[extended_operation_info]
[カタログ]。[operation_messages]
[カタログ]。[操作]
[カタログ]。[パッケージ]
[カタログ]。[プロジェクト]
[カタログ]。[検証]
これを実行すると、問題が解決されます。
最後のステップ以外のすべてを実行するスクリプトも添付しました。注意してください、それはほぼ700行の長さです
ありがとう。
USE SSISDB
GO
CREATE ROLE [ssis_logreader]
GO
----------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[operations] Script Date: 10/5/2016 8:38:56 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[operations]
AS
SELECT [operation_id],
[operation_type],
[created_time],
[object_type],
[object_id],
[object_name],
[status],
[start_time],
[end_time],
[caller_sid],
[caller_name],
[process_id],
[stopped_by_sid],
[stopped_by_name],
[server_name],
[machine_name]
FROM internal.[operations]
WHERE [operation_id] in (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-----------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[operation_messages] Script Date: 10/5/2016 8:38:32 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[operation_messages]
AS
SELECT [operation_message_id],
[operation_id],
[message_time],
[message_type],
[message_source_type],
[message],
[extended_info_id]
FROM [internal].[operation_messages]
WHERE [operation_id] in (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-----------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[event_message_context] Script Date: 10/5/2016 8:12:27 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[event_message_context]
AS
SELECT [context_id],
[event_message_id],
[context_depth],
[package_path],
[context_type],
[context_source_name],
[context_source_id],
[property_name],
[property_value]
FROM [internal].[event_message_context]
WHERE [operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-----------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[event_messages] Script Date: 10/5/2016 8:13:44 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[event_messages]
AS
SELECT opmsg.[operation_message_id] AS [event_message_id],
opmsg.[operation_id],
opmsg.[message_time],
opmsg.[message_type],
opmsg.[message_source_type],
opmsg.[message],
opmsg.[extended_info_id],
eventmsg.[package_name],
eventmsg.[event_name],
message_source_name =
CASE
WHEN (opmsg.message_source_type = 10) THEN 'ISServerExec'
WHEN (opmsg.message_source_type = 20) THEN 'Transact-SQL stored procedure'
ELSE eventmsg.message_source_name
END,
eventmsg.[message_source_id],
eventmsg.[subcomponent_name],
eventmsg.[package_path],
eventmsg.[execution_path],
eventmsg.[threadID],
eventmsg.[message_code]
FROM [internal].[operation_messages] opmsg LEFT JOIN [internal].[event_messages] eventmsg
ON opmsg.[operation_message_id] = eventmsg.[event_message_id]
WHERE opmsg.[operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
----------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[executable_statistics] Script Date: 10/5/2016 8:14:02 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[executable_statistics]
AS
SELECT [statistics_id],
[execution_id],
[executable_id],
[execution_path],
[start_time],
[end_time],
[execution_duration],
[execution_result],
[execution_value]
FROM [internal].[executable_statistics]
WHERE [execution_id] IN (SELECT id FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
----------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[executables] Script Date: 10/5/2016 8:14:22 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[executables]
AS
SELECT DISTINCT
execl.[executable_id],
execs.[execution_id],
execl.[executable_name],
execl.[executable_guid],
execl.[package_name],
execl.[package_path]
FROM ([internal].[executions] execs INNER JOIN [internal].[executable_statistics] stat
ON execs.[execution_id] = stat.[execution_id]) INNER JOIN [internal].[executables] execl
ON stat.[executable_id] = execl.[executable_id]
WHERE execs.[execution_id] IN (SELECT id FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_component_phases] Script Date: 10/5/2016 8:24:40 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_component_phases]
AS
SELECT startPhase.[phase_stats_id] AS [phase_stats_id],
startPhase.[execution_id] AS [execution_id],
startPhase.[package_name] AS [package_name],
startPhase.[task_name] AS [task_name],
startPhase.[subcomponent_name] AS [subcomponent_name],
startPhase.[phase] AS [phase],
startPhase.[phase_time] AS [start_time],
endPhase.[phase_time] AS [end_time],
startPhase.[execution_path] AS [execution_path]
FROM [internal].[execution_component_phases] startPhase LEFT JOIN [internal].[execution_component_phases] endPhase
ON startPhase.[phase_stats_id] != endPhase.[phase_stats_id]
AND startPhase.[execution_id] = endPhase.[execution_id]
AND startPhase.[sequence_id] = endPhase.[sequence_id]
WHERE startPhase.[is_start] = 'True' AND (endPhase.[is_start] = 'False' OR endPhase.[is_start] IS NULL)
AND (startPhase.[execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1))
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_data_statistics] Script Date: 10/5/2016 8:25:01 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_data_statistics]
AS
SELECT [data_stats_id],
[execution_id],
[package_name],
[task_name],
[dataflow_path_id_string],
[dataflow_path_name],
[source_component_name],
[destination_component_name],
[rows_sent],
[created_time],
[execution_path]
FROM [internal].[execution_data_statistics]
WHERE [execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
----------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_data_taps] Script Date: 10/5/2016 8:25:36 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_data_taps]
AS
SELECT [data_tap_id],
[execution_id],
[package_path],
[dataflow_path_id_string],
[dataflow_task_guid],
[max_rows],
[filename]
FROM [internal].[execution_data_taps]
WHERE [execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_parameter_values] Script Date: 10/5/2016 8:26:01 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_parameter_values]
AS
SELECT [execution_parameter_id],
[execution_id],
[object_type],
[parameter_data_type],
[parameter_name],
[parameter_value],
[sensitive],
[required],
[value_set],
[runtime_override]
FROM [internal].[execution_parameter_values]
WHERE [execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[execution_property_override_values] Script Date: 10/5/2016 8:26:24 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[execution_property_override_values]
AS
SELECT [property_id],
[execution_id],
[property_path],
[property_value],
[sensitive]
FROM [internal].[execution_property_override_values]
WHERE [execution_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[executions] Script Date: 10/5/2016 8:26:52 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[executions]
AS
SELECT execs.[execution_id],
execs.[folder_name],
execs.[project_name],
execs.[package_name],
execs.[reference_id],
execs.[reference_type],
execs.[environment_folder_name],
execs.[environment_name],
execs.[project_lsn],
execs.[executed_as_sid],
execs.[executed_as_name],
execs.[use32bitruntime],
opers.[operation_type],
opers.[created_time],
opers.[object_type],
opers.[object_id],
opers.[status],
opers.[start_time],
opers.[end_time],
opers.[caller_sid],
opers.[caller_name],
opers.[process_id],
opers.[stopped_by_sid],
opers.[stopped_by_name],
opers.[operation_guid] AS [dump_id],
opers.[server_name],
opers.[machine_name],
ossysinfos.[total_physical_memory_kb],
ossysinfos.[available_physical_memory_kb],
ossysinfos.[total_page_file_kb],
ossysinfos.[available_page_file_kb],
ossysinfos.[cpu_count]
FROM [internal].[executions] execs INNER JOIN [internal].[operations] opers
ON execs.[execution_id]= opers.[operation_id]
LEFT JOIN [internal].[operation_os_sys_info] ossysinfos
ON ossysinfos.[operation_id]= execs.[execution_id]
WHERE opers.[operation_id] IN (SELECT id FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[extended_operation_info] Script Date: 10/5/2016 8:27:45 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[extended_operation_info]
AS
SELECT [info_id],
[operation_id],
[object_name],
[object_type],
[reference_id],
[status],
[start_time],
[end_time]
FROM [internal].[extended_operation_info]
WHERE [operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
--------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[operation_messages] Script Date: 10/5/2016 8:29:30 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[operation_messages]
AS
SELECT [operation_message_id],
[operation_id],
[message_time],
[message_type],
[message_source_type],
[message],
[extended_info_id]
FROM [internal].[operation_messages]
WHERE [operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-------------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[operations] Script Date: 10/5/2016 8:29:55 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[operations]
AS
SELECT [operation_id],
[operation_type],
[created_time],
[object_type],
[object_id],
[object_name],
[status],
[start_time],
[end_time],
[caller_sid],
[caller_name],
[process_id],
[stopped_by_sid],
[stopped_by_name],
[server_name],
[machine_name]
FROM internal.[operations]
WHERE [operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
----------------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[packages] Script Date: 10/5/2016 8:31:07 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[packages]
AS
SELECT pkgs.[package_id],
pkgs.[name],
pkgs.[package_guid],
pkgs.[description],
pkgs.[package_format_version],
pkgs.[version_major],
pkgs.[version_minor],
pkgs.[version_build],
pkgs.[version_comments],
pkgs.[version_guid],
pkgs.[project_id],
pkgs.[entry_point],
pkgs.[validation_status],
pkgs.[last_validation_time]
FROM [internal].[packages] pkgs INNER JOIN [internal].[projects] proj ON
(pkgs.[project_version_lsn] = proj.[object_version_lsn]
AND pkgs.[project_id] = proj.[project_id]) INNER JOIN
[internal].[object_versions] vers ON ( vers.[object_type] =20 AND
vers.[object_id] = proj.[project_id]
AND vers.[object_version_lsn] = proj.[object_version_lsn])
WHERE pkgs.[project_id] IN (SELECT [id] FROM [internal].[current_user_readable_projects])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[projects] Script Date: 10/5/2016 8:31:31 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[projects]
AS
SELECT proj.[project_id],
[internal].[folders].[folder_id],
proj.[name],
proj.[description],
proj.[project_format_version],
proj.[deployed_by_sid],
proj.[deployed_by_name],
proj.[last_deployed_time],
proj.[created_time],
proj.[object_version_lsn],
proj.[validation_status],
proj.[last_validation_time]
FROM [internal].[object_versions] ver INNER JOIN
[internal].[projects] proj ON (ver.[object_id] = proj.[project_id]
AND ver.[object_version_lsn] = proj.[object_version_lsn]) INNER JOIN
[internal].[folders] ON proj.[folder_id] = [internal].[folders].[folder_id]
WHERE (ver.[object_status] = 'C')
AND (ver.[object_type]= 20)
AND (
proj.[project_id] IN (SELECT [id] FROM [internal].[current_user_readable_projects])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
)
GO
-------------------------------------------------------------------------------------------------------------------
USE [SSISDB]
GO
/****** Object: View [catalog].[validations] Script Date: 10/5/2016 8:31:54 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER VIEW [catalog].[validations]
AS
SELECT vals.[validation_id],
vals.[environment_scope],
vals.[validate_type],
vals.[folder_name],
vals.[project_name],
vals.[project_lsn],
vals.[use32bitruntime],
vals.[reference_id],
opers.[operation_type],
opers.[object_name],
opers.[object_type],
opers.[object_id],
opers.[start_time],
opers.[end_time],
opers.[status],
opers.[caller_sid],
opers.[caller_name],
opers.[process_id],
opers.[stopped_by_sid],
opers.[stopped_by_name],
opers.[operation_guid] AS [dump_id],
opers.[server_name],
opers.[machine_name]
FROM [internal].[validations] vals INNER JOIN [internal].[operations] opers
ON vals.[validation_id] = opers.[operation_id]
WHERE opers.[operation_id] IN (SELECT [id] FROM [internal].[current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
OR (IS_MEMBER('ssis_logreader') = 1)
GO
-------------------------------------------------------------------------------------------------------------------
同じ問題がありました。where句に焦点を当てて下線を引くクエリを調べた後。
WHERE opmsg.[operation_id] in (SELECT [id] FROM [internal]. [current_user_readable_operations])
OR (IS_MEMBER('ssis_admin') = 1)
OR (IS_SRVROLEMEMBER('sysadmin') = 1)
クエリがssis_adminロールのメンバーシップをチェックするとき。私は、自分のreport_readerロールをssis_adminデータベースロールに付与することにしました。
クエリをスタンドアロンで実行すると、選択権限エラーが発生しました。そこで、カタログと内部スキーマへのロール選択権限を付与しました。
GRANT SELECT ON SCHEMA::[catalog] TO ssis_admin;
GRANT SELECT ON SCHEMA::[internal] TO ssis_admin;
これが誰かを助けることを願っています。
SQL Server 2014の場合
より簡単な解決策があるようです。
完了です。
注:SQL Server 2014でこれをテストしましたが、動作します。2012年以降は動作するはずです。
これで問題が解決しました。Petemill66から修正を入手したので、ありがとう
SSISDBを使用する
SCHEMA :: [カタログ]のSELECTをssis_adminに付与します。
SCHEMA :: [internal]でssis_adminにSELECTを付与します。
スキーマの更新を許可:: [カタログ] ssis_admin;
SCHEMA :: [internal]の更新をssis_adminに付与します。