We need that some users not have access to do insert/update/delete in the DB, but they should have access to do a select and a trace in the database.
I'm not sure if this is posible, then I red that to have the privilege to do a trace, you need to be System Admin in SQL.
Please help me, I need this ASAP.
A trace is not something you instantiate through access to a particular database. It's a server level process. So, you won't be able to do exactly what you want. Instead, what you can do is set up a SQL Agent job that will run as a system administrator and you can have that job enable a trace, filtered for the database in question. Then, you just have to give your people permission to run that SQL Agent job.
One more thing. Since all good trace sessions should output to a file, you'll need to give them access to read the files from the directory where you output your traces.
You do not, nor should you ever, allow people to run the Profiler gui against your production environment directly.
answered May 16, 2012 at 08:26 PM
Grant Fritchey ♦♦