You have recently been hired as a database consultant for a manufacturing company. As part of your assignment, you have been asked to clarify the usage of various database user IDs. While looking through some SQL Server production script files you see various code such as “EXECUTE AS Michael” and “EXEC AS Thomas.” How can you explain these code snippets to management?

You have recently been hired as a database consultant for a manufacturing company. As part of your assignment, you have been asked to clarify the usage of various database user IDs. While looking through some SQL Server production script files you see various code such as “EXECUTE AS Michael” and “EXEC AS Thomas.” How can you explain these code snippets to management?

You have recently been hired as a database consultant for a manufacturing company. As part of your assignment, you have been asked to clarify the usage of various database user IDs. While looking through some SQL Server production script files you see various code such as “EXECUTE AS Michael” and “EXEC AS Thomas.” How can you explain these code snippets to management?


Answer: – While it may not be good practice to embed specific user ids like this inside production code, it may be difficult to alter those without first thoroughly understanding the existing permission structure.

(These EXECUTE AS… code snippets using individual usernames are perhaps a poor practice but if the security structure requires their usage, then care must be taken when removing or changing this code. These users do not need to be the owner of the objects. These users just need to have the correct permissions on the objects.)