SQL Server server-level roles

Source: Internet
Author: User

Role in SQL Server is important, so be careful about its contents. The file is transferred from MS Official website.

Https://msdn.microsoft.com/zh-cn/library/ms188659.aspx

SQL Server provides server-level roles to help you manage permissions on the server. These roles are security principals that can be combined with other principals. Permission scopes for server-level roles are server-wide. ("role" is similar to "group" in Windows operating system.) )

The following table shows the fixed roles and their permissions at the server level.

Fixed roles at the server level

Description

Sysadmin

Members of the sysadmin fixed server role can perform any activity on the server.

ServerAdmin

Members of the ServerAdmin fixed server role can change server-wide configuration options and shut down the server.

Securityadmin

Securityadmin members of the fixed server role manage logins and their properties. They can grant, DENY, and REVOKE server-level permissions. They can also GRANT, DENY, and REVOKE database-level permissions if they have access to the database. In addition, they can reset the password for the SQL Server login.

** Security Note * * the ability to grant access to the database engine and configure user rights allows security administrators to assign most server permissions. The securityadmin role should be considered equivalent to the sysadmin role.

Processadmin

A member of the Processadmin fixed server role can terminate a process that runs in an instance of SQL Server.

Setupadmin

Members of the Setupadmin fixed server role can use Transact-SQL statements to add and remove linked servers. (SysAdmin membership is required when using Management Studio.) )

Bulkadmin

Members of the Bulkadmin fixed server role can run BULK INSERT statements.

Diskadmin

The Diskadmin fixed server role is used to manage disk files.

DBCreator

Members of the dbcreator fixed server role can create, change, delete, and restore any database.

Public

Each SQL Server logon name belongs to the public server role. If a server principal is not granted or denied specific permissions to a securable object, the user inherits the permissions granted to the public role of the object. Assign the public permission on an object only if you want all users to be able to use the object. You cannot change a member relationship in public.

Note: Public is implemented differently than other roles. However, permissions can be granted, denied, or revoked from public.

SQL Server server-level roles

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.