Fixed Database Roles:
SQL Server includes a Fixed Database Role. They are mainly intended to organize the administrative tasks. A user can also have more than one role. The fixed database roles include the following:
•Db_accessadmin: It helps a user to access a database, but not manage the database security level.
•Db_backupoperator: It performs backup, checkpoints, and DBCC commands, but cannot manage the database level security.
•Db_datareader: It is used to read all the data in the database. It is moreover an equivalent of a grant on all objects, and it can be overridden by a deny permission.
•Db_datawriter: It is used to write all the data in the database. It is moreover an equivalent of a grant on all objects, and it can be overridden by a deny permission.
•Db_ddladmin: It helps to issue DDL commands like create, alter, and drop.
•Db_denydatareader: It is being used to read from any table in the database. This Deny can easily override the Grant permission.
•Db_denydatawriter: It is mainly being used to block modifying data in any table in a database. They would override any object-level grant.
•Db_owner: It has all the permissions in the database. This is also not equivalent to server sysadmin role. An object-level deny will override membership in this role.
•Db_securityadmin: It helps to manage the database-level security roles and permission.
SQL Server includes a Fixed Database Role. They are mainly intended to organize the administrative tasks. A user can also have more than one role. The fixed database roles include the following:
•Db_accessadmin: It helps a user to access a database, but not manage the database security level.
•Db_backupoperator: It performs backup, checkpoints, and DBCC commands, but cannot manage the database level security.
•Db_datareader: It is used to read all the data in the database. It is moreover an equivalent of a grant on all objects, and it can be overridden by a deny permission.
•Db_datawriter: It is used to write all the data in the database. It is moreover an equivalent of a grant on all objects, and it can be overridden by a deny permission.
•Db_ddladmin: It helps to issue DDL commands like create, alter, and drop.
•Db_denydatareader: It is being used to read from any table in the database. This Deny can easily override the Grant permission.
•Db_denydatawriter: It is mainly being used to block modifying data in any table in a database. They would override any object-level grant.
•Db_owner: It has all the permissions in the database. This is also not equivalent to server sysadmin role. An object-level deny will override membership in this role.
•Db_securityadmin: It helps to manage the database-level security roles and permission.
No comments:
Post a Comment