I currently have multiple users on my DB. All these users are currently Open to do all (Sysadmin and public). I need create restrictions for my users. I basically need them to be able to Create proc edit procs, inserts updates, selects, create views. but not make Changes to any users. or Edit any databases.ETC
You should remove those users from sysadmin role first, and you should add them to db_datareader, db_datawriter for read & write roles, if you need to restrict the permission based on objects then use GRANT SELECT, INSERT, UPDATE, DELETE ON TO The above query grants SELECT, INSERT, UPDATE & DELETE Permission on given table to the user. To add a user to role 'db_datareader' use below query EXEC sp_addrolemember 'db_datareader', 'Myuser' For creating Stored porcedures, use GRANT CREATE PROCEDURE TO . There is a role called db_ddladmin which can be assigned to a user for all DDL changes.