00e370d1   
   From: esquel@sommarskog.se   
      
   bill (billmaclean1@gmail.com) writes:   
   > Assume I have two databases, call them 'A' and 'B' running in the same   
   > instance of SQL Server 2008.   
   >   
   > I want to lock down 'A' so that no one, not even an admin, can get in   
   > and look around.   
      
   If you with "admin" mean someone who is just a Windows admin, well   
   you can drop the login BUILTIN\Administrators (and on SQL 2008 it is   
   not added by default.)   
      
   However, he could still stop the service and copy the database files   
   to an instance where he is sysadmin.   
      
   If you mean some who is member of the fixed server role "sysadmin" in   
   SQL Server, just forget about it.   
      
   > I want to grant SELECT on a number of views in 'A' to anyone who has   
   > successfully connected to database 'B'.   
      
   If you have DB chaining enabled, and the databases have the same owners,   
   it is doable.   
      
   > Is it possible to do something like this with certificates?   
      
   With stored procedures, yes. But as I recall, you cannot sign a view.   
   The best you can do is a multi-statement function, but it would have   
   performance implications.   
      
      
      
   --   
   Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se   
      
   Links for SQL Server Books Online:   
   SQL 2008: http://msdn.microsoft.com/en-us/sqlserver/cc514207.aspx   
   SQL 2005: http://msdn.microsoft.com/en-us/sqlserver/bb895970.aspx   
   SQL 2000: http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)