We have change tracking enabled on our SQL Server. The tables which are enabled for change tracking span multiple schemas. We can successfully execute the following to grant VIEW CHANGE TRACKING on the schema class, but we would like to grant this permission at the database level to cover all schemas. When attempting to grant at the database class level, it returns the following error. I am running the command in the context of the Test database. I can't find any documentation that would indicate this specific permission cannot be granted at this level.
Incorrect syntax near 'VIEW CHANGE TRACKING'.
-- Granting on schema class works
GRANT VIEW CHANGE TRACKING ON SCHEMA::dbo TO TestUser
-- Granting on database class fails
GRANT VIEW CHANGE TRACKING ON DATABASE::Test TO TestUser
Here's a script to generate the grant for all the schemas containing a change tracked table:
select distinct 'grant view change tracking on schema::' +quotename(schema_name(schema_id))+ ' to testuser;'
from sys.tables t
join sys.change_tracking_tables ct
on t.object_id = ct.object_id