I have a database "myDB" running in a Windows Server machine. Users (coming under Administrators group) remotely access this server and log-in to this database using Windows Authentication mechanism.
I want to deny the drop object permissions for all these users, except for the actual Administrator in this machine
P.S – All the users whose drop permission is to be revoked comes under the Administrators user group.
Best Answer
Use a DDL trigger to prevent the drop if the login name doesn't match what you expect. Modify the database name and login name as appropriate.