Login e User

Utilizadores são identificados em primeira instância no servidor, depois na base de dados e finalmente nos objetos da BD.

• Com diferentes privilégios (associados a roles) em cada nível

Ao nível do servidor os utilizadores são reconhecidos pelo seu login. Três tipos:

• Windows user login

• Membership in a Windows user group

• SQL Server-specific login

Se o utilizador pertence ao grupo sysadmin, então tem acesso total as funcionalidades do servidor, BD e objetos.

Pode ter acesso a uma base de dados:

• O loginID tem de ser mapeado para userID

Criar, Eliminar, Alterar

Server Roles

Bulkadmin

Can perform bulk insert operations

Dbcreator

Can create, alter, drop, and restore databases

Diskadmin

Can create, alter, and drop disk files

Processadmin

Can kill a running SQL Server process

Securityadmin

Can manage the logins for the server

Serveradmin

Can configure the serverwide settings, including setting up full-text searches and shutting down the server

Setupadmin

Can configure linked servers, extended stored procedures, and the startup stored procedure

Sysadmin

Can perform any activity in the SQL Server installation, regardless of any other permission setting. The sysadmin role even overrides denied permissions on an object.

Public

Every SQL Server login belongs to the public server role. When a server principal has not been granted or denied specific permissions on a securable object, the user inherits the permissions granted to public on that object.

Associar 1..N Server Roles