User management for a specific database

NikoT780 

Hi, Niko.

The sysadmin server role is required for managing server logins, while the db_owner and db_accessadmin database roles can manage database users.

If your "gis" account is not a member of the sysadmin server role (ideally, it wouldn't be a member of any server role) but is a member of the db_owner database role then you have already fulfilled your requirements, since this allows "gis" to manage users within that specific database and no other database.

For example, if you have five databases (including the gis database) on that one SQL Server, then so long as the gis user has only been granted to the gis database and placed in either db_owner (which you have already done) or db_accessadmin, you're done - there's nothing left to do.

The fact that the gis user is the owner of the gisdaten schema isn't particularly relevant to your stated requirements, since in having db_owner access, the gis user can access all schemas within that specific database.

Database role reference (which happens to have a nicely-laid out illustration of the database roles and rights):

• Database-Level Roles - SQL Server | Microsoft Learn

Cheers,

Lain