SQL Server role的定义

今天仔细差了一下SQL Sever中各种role的定义,记录备查

Predefined database roles
You may need to create your own, but you have access to several predefined database roles:

  • db_owner: Members have full access.
  • db_accessadmin: Members can manage Windows groups and SQL Server logins.
  • db_datareader: Members can read all data.
  • db_datawriter: Members can add, delete, or modify data in the tables.
  • db_ddladmin: Members can run dynamic-link library (DLL) statements.
  • db_securityadmin: Members can modify role membership and manage permissions.
  • db_bckupoperator: Members can back up the database.
  • db_denydatareader: Members can’t view data within the database.
  • db_denydatawriter: Members can’t change or delete data in tables or views.

Fixed roles
The fixed server roles are applied serverwide, and there are several predefined server roles:
  • SysAdmin: Any member can perform any action on the server.
  • ServerAdmin: Any member can set configuration options on the server.
  • SetupAdmin: Any member can manage linked servers and SQL Server startup options and tasks.
  • Security Admin: Any member can manage server security.
  • ProcessAdmin: Any member can kill processes running on SQL Server.
  • DbCreator: Any member can create, alter, drop, and restore databases.
  • DiskAdmin: Any member can manage SQL Server disk files.
  • BulkAdmin: Any member can run the bulk insert command.

Reference: http://www.techrepublic.com/article/understanding-roles-in-sql-server-security/1061781

posted @ 2011-07-13 10:11  KymoWang  阅读(1185)  评论(0编辑  收藏  举报