Error: "Selected request was already approved/rejected"

Hello, 
Recently we have upgraded the system from EHP4 to EHP7. We are using Webdynpro ABAP leave application (standard workflow). Here, at approval level, on opening any leave request item, an error "Selected request was already approved/rejected" appears. We found SAP Note 1773641 and followed the suggested steps. But the error still exists. Please suggest.
Secondly, it is observed that if there are more than one leave request in approver's UWL, then by default the record with highest date is opened (ie. out of leave requests of 01.07.2014, 07.08.2014, 29.08.2014, every time leave record of 29.08.2014 is displayed even though any other item is selected). Is it a standard behavior or requires some settings?
Regards,

as UR IN ehp 7  here u cnan use POWL other than UWL ...it wud better ....what is the workflow ur using for leaves here in task ur in SWFVISU ... what are the parameters assigned to hat task in SWFVISU
No it is not standard behaviour, go to ptarq and check in display documents what is the status of that 29.08.2014 leave type and if it approved and is updated in 20001 go to ptarq and click on delete documents and delete that already approved leave from that
SE38 :- RPTARQDBDEL----
RPTARQDBVIEW .......DISPLAY LEAVE REQUESTS
Approve Leave Request - Business Package for MSS Add-On 1.0 - SAP Library
Let's Crowd Source a POWL Based Universal Worklist Design for ERP

Similar Messages

  • Application Request to be approved/reject through Outlook 2010

    Dear Experts
    Need your suggestions / inputs in implement a requirement i.e any application (WF) request can be either approved/ rejected
    through outlook 2010  instead of every time logging into application portal and then to approve or reject.

    This is possible SAP workflow with extended notifications.
    Refer here: http://scn.sap.com/docs/DOC-15808
    Explore SAP Workflow forum in SCN if you need more info.
    Hope this helps.
    Regards,
    Sahir.

  • Expense request getting errored out after Expense approver rejected

    Dear Experts,
    I am facing issues where employee expense request is getting errored out when the expenses approver reject the Request.
    We are using a workflow to move this request.
    Once the employee submitted the expense request. We are having 2 level approval of his/her. Supervisor at the 1st and Expense approver at 2nd level
    In the 2nd phase the Expense approver rejecting the travel request to make modifications, however the rejected request is NOT routing back to the employee.
    Any assistance highly appreciated

    Hi Venkat,
    Many thanks for your reply
    The required work flow is properly configured. I can see after rejection it has been routed to the employee again.
    However after rejection its getting errored out, any idea on the possible reasons, does er approver is selecting or inputing any incorrect parameters.
    Regards,
    Tamiz

  • Workflow Approbation - Accessing and Editing Approve/Reject state

    Hello
    I'm creating a custom workflow in order to manage mass approbations. I have used the Approval and Multi Approval workflows to make my own one.
    This work great except on one point: I can't use the standard approbation/reject buttons of the end user approvals list as i wish. I didn't find out in the workItem of type Approval where is set the accept or reject value.
    I have seen in documentation that there are action and confirm attributes in WorkItem List View attribute but i don't see how to use it as i already have a view in use. I am using a custom workflow variable which hold the value of the result. This work except that i have to customize too the End User Approvals List to change this variable.
    I guess there is somewhere an easy way to know about the state of an Approval WorkItem but dunno how to access it easily.
    If you have got any idea, please tell me!
    Grtz,
    Adrien

    Thanks for your answer.
    I agree with you but the problem is that the variable i'm looking for isn't in the WorkItem View (or i just didn't find it out).
    I am looking for the location of the variable which indicate to the requestor the result of his approbation request (accepted or rejected) in order to make a custom report form. This way my requestor who make approbation for severals different users at the same time will have a report telling him which request was accepted or rejected.
    Hope this make much sense.

  • HTTP request was forbidden with client authentication scheme 'anonymous'

    Hi,
    We have updated our support Package for version BPC NW 10.0 release 801 from 0002 to 0005.
    After the update we are not being to access the server folders in EPM Add-in.
    We have the following error "HTTP request was forbidden with client authentication scheme 'anonymous'". Nevertheless we only can't access to the content of folders that are not public or local.
    In SLG1 log, we have the error " Access not granted, You are not the member of team: BUSINESS ADMIN". This is not true because the user has SAP_ALL in BW and is a primary administrator in BPC. The data access profile associated is the administrator member access profile.
    Has anybody seen this error?
    Best regards,
    JA

    Hi Nilanjan,
    We are able to log in into EPM Add-in.
    We have the error when we try to open input forms or reports from server, but only from some folders.
    When we select the folder we have the error.
    For example we can see the content from:
    WEBEXCEL\REPORTLIBRARY\
    ADMIN\WEBEXCEL\TEAMREPORTLIBRARY\
    But we can't see the content from:
    BUSINESS ADMIN\WEBEXCEL\TEAMREPORTLIBRARY\
    TEAM FI\WEBEXCEL\TEAMREPORTLIBRARY\
    The user has administrator member access profile ans is included in all teams (ADMIN, BUSINESS ADMIN and TEAM FI)
    We really can't see what could be the problem
    Hope you can help us.
    regards,
    JA

  • I'm getting a 'JSON request was malformed' when trying to log in on a toolbar...what can I do? Thanks in advance!

    I am working with a company that requires me to log in on a toolbar, but when I do, I get the error 'JSON request was malformed'. WTH does that mean and what can I do? Thanks!

    Clear the cache and the cookies from sites that cause problems.
    "Clear the Cache":
    *Tools > Options > Advanced > Network > Cached Web Content: "Clear Now"
    "Remove Cookies" from sites causing problems:
    *Tools > Options > Privacy > Cookies: "Show Cookies"
    Start Firefox in <u>[[Safe Mode|Safe Mode]]</u> to check if one of the extensions (Firefox/Tools > Add-ons > Extensions) or if hardware acceleration is causing the problem (switch to the DEFAULT theme: Firefox/Tools > Add-ons > Appearance).
    *Do not click the Reset button on the Safe mode start window or otherwise make changes.
    *https://support.mozilla.org/kb/Safe+Mode
    *https://support.mozilla.org/kb/Troubleshooting+extensions+and+themes

  • MP has rejected a policy request from GUID:27935EC8-95F1-4104-A613-E72D2A9764E0 because it was not approved. The operating system reported error 2147942405: Access is denied.

    Why Microsoft doesn't have correct fix to run automatically. How many years we need to cry with same error again n again?
    Does any one have correct solution which will fix permanently while running more than 4000 systems in our environment
    Manual stuff isn't easy. Pls provide permanent fix?
    MP has rejected a policy request from GUID:27935EC8-95F1-4104-A613-E72D2A9764E0 because it was not approved. The operating system reported error 2147942405: Access is denied. 

    This isn't a bug to fix. This is by design. Clients must be approved to be managed. Thus, only your configuration or expectations must be fixed. To correct your configuration, see the link Henrik posted. To correct your expectations, read the content linked
    by Henrik.
    Jason | http://blog.configmgrftw.com

  • PO change version Approval/Rejection notification to requester

    Dear SRM Gurus,
    We are in stand alone scenarion of SRM 7.0 using process controlled WF.
    We have received an request to send out notification on approval / rejection of and PO change version.
    The PO's are created automaticaly from approved SC's and only the PO change triggers the approval WF.
    I've already checked the IMG: SRM server > cross application > Event and event schema for alert management.
    1. Define events: BUS2201 Purchase order is present with APPROVAL_PROCESS_DOC_APPROVED and APPROVAL_PROCESS_DOC_REJECTED
    2. Define event schema for obj. type BUS2201 event schema PO the APPROVAL_PROCESS_DOC_APPROVED and APPROVAL_PROCESS_DOC_REJECTED with subcategory event APPROVAL_RESULT_NOTIFIC_NEW are set to event category NOTIFIC Message.
    3. Define Recipient of notifications: PM Approve change version of purchase order - User Role CR contact person the options rejection and approval of application object are selected.
    The users I'am using to test are the same as those who receive notifications for SC rejection/approval so I guess it's not connected to SU01 or PPOMA settings.
    Still I don't see notification sent via SOST.
    Any ides what I could check next please?
    Thanks in advance for you help.
    Michal

    Hello Michal,
    did you give the event schema created to corresponding transaction type ?
    If you are expecting to receive notification during approval workflow, check OSS note [1395980 - No notifications of approval sent during approval process|https://websmp101.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=1395980&_NLANG=E]
    For PO, you can also check OSS note [1572957 - PO change version reject notification not sent|https://websmp101.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=1572957&_NLANG=E]
    Regards.
    Laurent.

  • How can we reject an already approved sales quotation and sales order

    Hi,
    Could anyone please tell me how can we reject an already approved sales quotation and sales order.
    Thanks and Regards
    Mahavir

    Hi,
    in the document flow : i am finding documents which are given below :
    Serv. notif.      00015773                                                     
    Qt For NewConnection 20022016  23.04.08 Completed  
    Order New Connection  22460       23.04.08 Open                 
    Z New Connection  90022430   23.04.08 FI doc. not Required 
    Cancel. Invoice (S1) 90023731  19.07.08 FI doc. not required 
    I have run VF11 for document no. 90023731 .
    But when i was running VL09 i just gave the shipping point and execute the transaction.
    Then i did not find any document for that selection.
    Please guide .
    Thanks and Regards

  • Approval/Rejection of Access Request through email functionality not workin

    Hello Gurus,
    We have configured CUP with workflow and everything is working fine along with email notification triggers etc..
    In MSMP configuration , for task settings i have we see that there are various option and check boxes with options
    1)Approval by email
    2) Rejection by email !!
    Which i have ticked very happily but when i get a notification regarding approval . it is plain text e.g)
    Dear Approver,
    There are new workitem(s) in your work inbox . Please perform the necessary actions.
    Kind regards,
    Access Control Administrator
    Now i am wondering how can i get the approve & reject button in the email ??
    I suppose this functionality was available in GRC 5.3.
    Please correct me if i have understood this functionality wrong or something !!
    Else what settings have to be done to enable it ??
    Thanks in advance.
    Regards,
    Victor

    Hello Diego,
    Thank you for providing me a very good document.
    I checked it and i found that i had selected "default" templates for notification events
    END_OF_REQUEST & REQUEST_SUBMISSION.
    But when i went on to one more template  ID  of "GRAC_AR_APP_BY_EMAIL" i only found that i could select
    recipients (Agent Names)
    Current Approvers
    Manager Notifications
    Other Approvers
    Requester
    User
    I could not find a way through which i could select the "Custom" Agents i have created whose "Agent Purpose" was "APPROVE"
    If i am not wrong , should i add those Custom agents under step three (Maintain Agents) & assign them Agent purpose as "Notification" only then will i be able to see them ??
    Please correct me if i am wrong !!
    Thanks in advance.
    Regards,
    Victor

  • Duet has encountered an error during Approve , Reject Reassign the workflow

    Hi,
    We have implemented DUET with two scenario (LEMA & WOMA) in our organization. When try Approve , Reject or Reassign the Duet work flow Item  Duet has encountered an error . The scenario was working fine earlier. Suddenly the error has start coming. The error is coming in a pop up window. I am attaching the error details from event log.
    Event Type:     Error
    Event Source:     Duet Diagnostics
    Event Category:     None
    Event ID:     0
    Date:          1/04/2010
    Time:          10:49:37 AM
    User:          N/A
    Computer:     xxxxxxxxxxx001
    Description:
    Error in Approve/Reject from Approver Mail.
    Exception message: Attempted to read or write protected memory. This is often an indication that other memory is corrupt.
    Method: Close
    StackTrace:   at Microsoft.Office.Interop.Outlook._MailItem.Close(OlInspectorClose SaveMode)
       at SAP.Office.Apps.Leave.Outlook.LeaveApproverMailInspectorCodeBehind.AfterOnSelectControl(String name, String param)
         =====Additional Information=====
    oba://oba.microsoft.com/outlook?boundItemId=
    Bound Item ID:
    Bound Item Type:
    Correlation ID:
    Process Name: C:\PROGRA1\MICROS3\Office12\OUTLOOK.EXE
    User Name: xx\99901
    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Thanks in advance,
    Monirul Islam

    HI Monirul,
    You can get better advice and help in another forum dedicated to Duet only.
    Regards,
    Sangvir

  • GRC CUP Error creating request. Approver not found

    Hi,
    We just upgrade from GRC CUP 14 to GRC CUP 15.6 support pack.I already performed post upgrade steps and when i try to create a request i am getting approver not found.i didnot change workflow.In stage for role approver we have approver determinator "role".
    system log report
    com.virsa.ae.workflow.NoApproverFoundException: No approvers found for req no : 493, for reqPathId, 662, for path, PROD_APPRV_PATH and approver determinator : Role
         at com.virsa.ae.workflow.bo.WorkFlowBOHelper.handleApproversTransactions(WorkFlowBOHelper.java:1469)
         at com.virsa.ae.workflow.bo.WorkFlowRequestCreateHelper.handleWFForNewPath(WorkFlowRequestCreateHelper.java:278)
         at com.virsa.ae.workflow.bo.WorkFlowRequestCreateHelper.createNewWorkflow(WorkFlowRequestCreateHelper.java:167)
         at com.virsa.ae.workflow.bo.WorkFlowBO.saveNewWorkflow(WorkFlowBO.java:120)
         at com.virsa.ae.accessrequests.bo.RequestBO.saveNewRequest(RequestBO.java:579)
         at com.virsa.ae.accessrequests.actions.CreateRequestAction.createRequest(CreateRequestAction.java:381)
         at com.virsa.ae.accessrequests.actions.EUCreateRequestAction.createRequestHandler(EUCreateRequestAction.java:135)
         at com.virsa.ae.accessrequests.actions.EUCreateRequestAction.execute(EUCreateRequestAction.java:68)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Please let me know solution ASAP.This is high priority.
    Thanks
    Yakoob.

    It looked like some old request stuck in DB.But, not sure about it.I tried by changing the number ranges in configuration by giving the current request number in "from number",but it didn't work.
    This is strange some time it gives "error creating request: path not found." and once this error gone then "error creating request : approver not found".
    To avoid this i created one more stage by custom approver determinator with application attribute and approver assiged.This stage, i assigned before role approver stage then it worked,Request get created and request get provisioned.
    i don't understand why it's not working,if i assigned role approver stage first in a path of workflow.role approver (approver determinator:"role" standard one, "approver" gets from configuration:roles:create role:role approver OR upload from role import).
    Please help
    Thanks
    Yakoob.

  • The SELECT permissions was denied on the object 'extended_properties', database 'mssqlsystemresource', schema 'sys'.(Microsoft SQL Server, Error:229

    I have a SQL Server connected intro a Windows Server 2003 Domain Active Directory, the server holds a default instance with a single Database, the SQL Server is 2005 Std Edition, and is using mix mode Authentification, then I able to create SQL Native Users
    and Invoque Windows Domain Users also.
    The Goal of this project is remove the sysadmin Server role for all the Windows Domain Users, to give then a more granular secure model but at the moment is this only way to connect at the Data Base Server.
    I already create Native SQL Servers users without any problem!, they respect Securable Setting, Server Roles, User Mapping, everything...Just when I create a Login Profile form a Domain Users and apply the same setting, I get this error...
    The SELECT permissions was denied on the object 'extended_properties', database 'mssqlsystemresource', schema 'sys'.(Microsoft SQL Server, Error:229)
    But if the user have sysadmin Server Rol he can sing over the server without any issue, I review the .sys view extended_properties and "Public" is the only Database Role placed.
    Any Idea if I need change any Setting in the Secure in SQL Master DataBase? or which is the issue witjh this matter?
    Thank in advance for your help!

    Since there are so many possibilities for what might be wrong.  Here's another possibility to look at.  I ran into something where I had set up my own roles on a database.  (For instance, "Administrator", "Manager", "DataEntry",
    "Customer", each with their own kinds of limitations)  The only ones who could use it were "Manager" role or above--because they were also set up as sysadmin because they were adding users to the database (and they were highly trusted). 
    Also, the users that were being added were Windows Domain users--using their domain credentials.  (Everyone with access to the database had to be on our domain, but not everyone on the domain had access to the database--and only a few of them had access
    to change it.)
    Anyway, this working system suddenly stopped working and I was getting error messages similar to the above.  What I ended up doing that solved it was to go through all the permissions for the "public" role in that database and add those permissions
    to all of the roles that I had created.  I know that everyone is supposed to be in the "public" role even though you can't add them (or rather, you can "add" them, but they won't "stay added").
    So, in "SQL Server Management Studio", I went into my application's database, in other words (my localized names are obscured within <> brackets): "<Computername> (SQL Server <version> - sa)"\Databases\<MyAppDB>\Security\Roles\Database
    Roles\public".  Right-click on "public" and select "Properties".  In the "Database Role Properties - public" dialog, select the "Securables" page.  Go through the list and for each element in the
    list, come up with an SQL "Grant" statement to grant exactly that permission to another role.  So, for instance, there is a scalar function "[dbo].[fn_diagramobjects]" on which the "public" role has "Execute" privilege. 
    So, I added the following line:   
    EXEC ( 'GRANT EXECUTE ON [dbo].[fn_diagramobjects] TO [' + @RoleName + '];' )
    Once I had done this for all the elements in the "Securables" list, I wrapped that up in a while loop on a cursor selecting through all the roles in my roles table.  This explicitly granted all the permissions of the "public" role to
    my database roles.  At that point, all my users were working again (even after I removed their "sysadmin" access--done as a temporary measure while I figured out what happened.)
    I'm sure there's a better (more elegant) way to do this by doing some kind of a query on the database objects and selecting on the public role, but after about half and hour of investigating, I wasn't figuring it out, so I just did it the brute-force method. 
    In case it helps someone else, here's my code.
    CREATE PROCEDURE [dbo].[GrantAccess]
    AS
    DECLARE @AppRoleName AS sysname
    DECLARE AppRoleCursor CURSOR LOCAL SCROLL_LOCKS FOR
    SELECT AppRoleName FROM [dbo].[RoleList];
    OPEN AppRoleCursor
    FETCH NEXT FROM AppRoleCursor INTO @AppRoleName
    WHILE @@FETCH_STATUS = 0
    BEGIN
    EXEC ( 'GRANT EXECUTE ON [dbo].[fn_diagramobjects] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT EXECUTE ON [dbo].[sp_alterdiagram] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT EXECUTE ON [dbo].[sp_creatediagram] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT EXECUTE ON [dbo].[sp_dropdiagram] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT EXECUTE ON [dbo].[sp_helpdiagramdefinition] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT EXECUTE ON [dbo].[sp_helpdiagrams] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT EXECUTE ON [dbo].[sp_renamediagram] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[all_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[all_objects] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[all_parameters] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[all_sql_modules] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[all_views] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[allocation_units] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[assemblies] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[assembly_files] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[assembly_modules] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[assembly_references] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[assembly_types] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[asymmetric_keys] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[certificates] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[change_tracking_tables] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[check_constraints] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[column_type_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[column_xml_schema_collection_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[computed_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[conversation_endpoints] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[conversation_groups] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[conversation_priorities] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[crypt_properties] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[data_spaces] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_audit_specification_details] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_audit_specifications] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_files] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_permissions] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_principal_aliases] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_principals] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_role_members] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[default_constraints] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[destination_data_spaces] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[event_notifications] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[events] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[extended_procedures] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[extended_properties] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[filegroups] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[foreign_key_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[foreign_keys] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_catalogs] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_index_catalog_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_index_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_index_fragments] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_indexes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_stoplists] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_stopwords] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[function_order_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[identity_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[index_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[indexes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[internal_tables] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[key_constraints] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[key_encryptions] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[message_type_xml_schema_collection_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[module_assembly_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[numbered_procedure_parameters] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[numbered_procedures] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[objects] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[parameter_type_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[parameter_xml_schema_collection_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[parameters] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[partition_functions] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[partition_parameters] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[partition_range_values] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[partition_schemes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[partitions] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[plan_guides] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[procedures] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[remote_service_bindings] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[routes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[schemas] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[service_contract_message_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[service_contract_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[service_contracts] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[service_message_types] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[service_queue_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[service_queues] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[services] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[spatial_index_tessellations] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[spatial_indexes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sql_dependencies] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sql_modules] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[stats] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[stats_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[symmetric_keys] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[synonyms] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[syscolumns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[syscomments] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysconstraints] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysdepends] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysfilegroups] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysfiles] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysforeignkeys] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysfulltextcatalogs] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysindexes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysindexkeys] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysmembers] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysobjects] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[syspermissions] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysprotects] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysreferences] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[system_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[system_objects] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[system_parameters] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[system_sql_modules] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[system_views] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[systypes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysusers] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[table_types] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[tables] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[transmission_queue] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[trigger_events] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[triggers] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[type_assembly_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[types] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[views] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_indexes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_attributes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_collections] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_component_placements] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_components] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_elements] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_facets] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_model_groups] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_namespaces] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_types] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_wildcard_namespaces] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_wildcards] TO [' + @AppRoleName + '];' )
    FETCH NEXT FROM AppRoleCursor INTO @AppRoleName
    END
    CLOSE AppRoleCursor
    RETURN 0
    GO
    Once that is in the system, I just needed to "Exec GrantAccess" to make it work.  (Of course, I have a table [RoleList] which contains a "AppRoleName" field that contains the names of the database roles.)
    So, the mystery remains: why did all my users lose their "public" role and why could I not give it back to them?  Was this part of an update to SQL Server 2008 R2?  Was it because I ran another script to delete each user and add them back
    so to refresh their connection with the domain?  Well, this solves the issue for now.
    One last warning: you probably should check the "public" role on your system before running this to make sure there isn't something missing or wrong, here.  It's always possible something is different about your system.
    Hope this helps someone else.

  • The SELECT permission was denied on the object 'extended_properties', database 'mssqlsystemresource', schema 'sys'. (Microsoft SQL Server, Error: 229)

    I have created a user and given him the owner rights for the database.  Though I can LogIn as the user, I cannot access the databases.  I am having the error mesage:
    Failed to retrieve data for this request. (Microsoft.SqlServer.Management.Sdk.Sfc)
    For help, click:
    http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&LinkId=20476
    ADDITIONAL INFORMATION:
    An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)
    The SELECT permission was denied on the object 'extended_properties', database 'mssqlsystemresource', schema 'sys'. (Microsoft SQL Server, Error: 229)
    For help, click:
    http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=10.50.1600&EvtSrc=MSSQLServer&EvtID=229&LinkId=20476
    Sha_woop

    Since there are so many possibilities for what might be wrong.  Here's another possibility to look at.  I ran into something where I had set up my own roles on a database.  (For instance, "Administrator", "Manager", "DataEntry", "Customer",
    each with their own kinds of limitations)  The only ones who could use it were "Manager" role or above--because they were also set up as sysadmin because they were adding users to the database (and they were highly trusted).  Also, the users that
    were being added were Windows Domain users--using their domain credentials.  (Everyone with access to the database had to be on our domain, but not everyone on the domain had access to the database--and only a few of them had access to change it.)
    Anyway, this working system suddenly stopped working and I was getting error messages similar to the above.  What I ended up doing that solved it was to go through all the permissions for the "public" role in that database and add those permissions to
    all of the roles that I had created.  I know that everyone is supposed to be in the "public" role even though you can't add them (or rather, you can "add" them, but they won't "stay added").
    So, in "SQL Server Management Studio", I went into my application's database, in other words (my localized names are obscured within <> brackets): "<Computername> (SQL Server <version> - sa)"\Databases\<MyAppDB>\Security\Roles\Database
    Roles\public".  Right-click on "public" and select "Properties".  In the "Database Role Properties - public" dialog, select the "Securables" page.  Go through the list and for each element in the list, come up with an SQL "Grant" statement to
    grant exactly that permission to another role.  So, for instance, there is a scalar function "[dbo].[fn_diagramobjects]" on which the "public" role has "Execute" privilege.  So, I added the following line:
    EXEC ( 'GRANT EXECUTE ON [dbo].[fn_diagramobjects] TO [' + @RoleName + '];' )
    Once I had done this for all the elements in the "Securables" list, I wrapped that up in a while loop on a cursor selecting through all the roles in my roles table.  This explicitly granted all the permissions of the "public" role to my database roles. 
    At that point, all my users were working again (even after I removed their "sysadmin" access--done as a temporary measure while I figured out what happened.)
    I'm sure there's a better (more elegant) way to do this by doing some kind of a query on the database objects and selecting on the public role, but after about half and hour of investigating, I wasn't figuring it out, so I just did it the brute-force method. 
    In case it helps someone else, here's my code.
    CREATE PROCEDURE [dbo].[GrantAccess]
    AS
    DECLARE @AppRoleName AS sysname
    DECLARE AppRoleCursor CURSOR LOCAL SCROLL_LOCKS FOR
    SELECT AppRoleName FROM [dbo].[RoleList];
    OPEN AppRoleCursor
    FETCH NEXT FROM AppRoleCursor INTO @AppRoleName
    WHILE @@FETCH_STATUS = 0
    BEGIN
    EXEC ( 'GRANT EXECUTE ON [dbo].[fn_diagramobjects] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT EXECUTE ON [dbo].[sp_alterdiagram] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT EXECUTE ON [dbo].[sp_creatediagram] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT EXECUTE ON [dbo].[sp_dropdiagram] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT EXECUTE ON [dbo].[sp_helpdiagramdefinition] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT EXECUTE ON [dbo].[sp_helpdiagrams] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT EXECUTE ON [dbo].[sp_renamediagram] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[all_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[all_objects] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[all_parameters] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[all_sql_modules] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[all_views] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[allocation_units] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[assemblies] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[assembly_files] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[assembly_modules] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[assembly_references] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[assembly_types] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[asymmetric_keys] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[certificates] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[change_tracking_tables] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[check_constraints] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[column_type_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[column_xml_schema_collection_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[computed_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[conversation_endpoints] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[conversation_groups] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[conversation_priorities] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[crypt_properties] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[data_spaces] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_audit_specification_details] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_audit_specifications] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_files] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_permissions] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_principal_aliases] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_principals] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[database_role_members] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[default_constraints] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[destination_data_spaces] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[event_notifications] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[events] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[extended_procedures] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[extended_properties] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[filegroups] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[foreign_key_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[foreign_keys] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_catalogs] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_index_catalog_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_index_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_index_fragments] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_indexes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_stoplists] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[fulltext_stopwords] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[function_order_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[identity_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[index_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[indexes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[internal_tables] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[key_constraints] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[key_encryptions] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[message_type_xml_schema_collection_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[module_assembly_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[numbered_procedure_parameters] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[numbered_procedures] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[objects] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[parameter_type_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[parameter_xml_schema_collection_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[parameters] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[partition_functions] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[partition_parameters] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[partition_range_values] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[partition_schemes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[partitions] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[plan_guides] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[procedures] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[remote_service_bindings] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[routes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[schemas] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[service_contract_message_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[service_contract_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[service_contracts] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[service_message_types] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[service_queue_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[service_queues] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[services] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[spatial_index_tessellations] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[spatial_indexes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sql_dependencies] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sql_modules] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[stats] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[stats_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[symmetric_keys] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[synonyms] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[syscolumns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[syscomments] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysconstraints] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysdepends] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysfilegroups] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysfiles] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysforeignkeys] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysfulltextcatalogs] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysindexes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysindexkeys] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysmembers] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysobjects] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[syspermissions] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysprotects] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysreferences] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[system_columns] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[system_objects] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[system_parameters] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[system_sql_modules] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[system_views] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[systypes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[sysusers] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[table_types] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[tables] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[transmission_queue] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[trigger_events] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[triggers] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[type_assembly_usages] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[types] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[views] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_indexes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_attributes] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_collections] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_component_placements] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_components] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_elements] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_facets] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_model_groups] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_namespaces] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_types] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_wildcard_namespaces] TO [' + @AppRoleName + '];' )
    EXEC ( 'GRANT SELECT ON [sys].[xml_schema_wildcards] TO [' + @AppRoleName + '];' )
    FETCH NEXT FROM AppRoleCursor INTO @AppRoleName
    END
    CLOSE AppRoleCursor
    RETURN 0
    GO
    Once that is in the system, I just needed to "Exec GrantAccess" to make it work.  (Of course, I have a table [RoleList] which contains a "AppRoleName" field that contains the names of the database roles.)
    So, the mystery remains: why did all my users lose their "public" role and why could I not give it back to them?  Was this part of an update to SQL Server 2008 R2?  Was it because I ran another script to delete each user and add them back so to refresh
    their connection with the domain?  Well, this solves the issue for now.
    One last warning: you probably should check the "public" role on your system before running this to make sure there isn't something missing or wrong, here.  It's always possible something is different about your system.
    Hope this helps someone else.

  • Approve,Reject,Reassign and request Information button were dissapeared ???

    Dear All ;
    I want to make approve for Leave of absence Employee rquest in the Manager Self Service Responsibility , in All Actions Awaiting Your Attention page i selected the employee record then i sow his request but Approve,Reject,Reassign and request Information buttons were dissapeared ...
    Any Help Please...
    Best Regards

    Check the worklist for the notification. The buttons should be there.

Maybe you are looking for

  • I'm trying to mirror my iPad 2 or my iPhone 4S to my Apple TV but I don't see the Airplay icon on either device.

    I have an iPad 2 and an iPhone 4S. I bought Apple TV recently and I've gotten bored of just using it to stream Netflix. I've been trying all morning to get Airplay to work on either my iPad or my iPhone, but I don't even see the Airplay icon when I d

  • Displaypor​t version and maximum resolution​(s)

    Hi. I'm considering buying a TS140 server for use as a workstation (Software development using multiple virtual machines). I'm also considering buying  a 4k monitor and would like to know if TS140 (70A4) supports 3840 x 2160 resolution at 60Hz. This

  • OIM 11g R2 - Connectors

    Hello, are the 11g R1 Connectors certified for R2? Are these the current connectors for R2? Oracle Identity Manager Connector Downloads</title><meta name="Title" content="Oracle Identity M-

  • Custom sorting chart legend

    Hi all, i've got a chart, but want to customize the sorting from the legend fields with a "fixed" colour for a value. regards, Osman Edited by: Ossy81 on Sep 7, 2010 5:23 PM

  • How do I download Acrobat Full Version?

    SO here I am, running too much javascript in the rich editor on adobe forums. All I wanted was a frickin download link for Adobe Acrobat. Nope, I have to download the adobe download manager. OK, done. Now I have to install acrobat, but Adobe says I m