1. Goal
Master how to create a new user for sql server and bind certain database permissions to the user
Simply put, create a new user for sql server and allow this user to only access certain databases
2. Introduction
This time use sql server 2012 as an example.
3. Create a new user kahn.xiao for sql server and give this user all permissions to the database TestStudent
1. Open Microsoft SQL Server Management Studio and log in with windows authentication (or sa account)
2. Click the left menu [Security]---[Login Name], then right-click "Login Name", click [New Login Name]
3. Fill in the user name and password, etc.
Username: kahn.xiao
Password: enter a more complex password twice.
Mandatory try password policy: check.
Default database: TestStudent --->Specify a default database for the new user.
Finally click [User Mapping] to continue binding Define data permissions.
4. Bind the database TestStudent permission to the newly created user kahn.xiao
● Point the target database library name [TestStudent], and then check it.
● Check the following permissions [db_owner], so that the new user kahn.xiao can have administrator permissions on the database TestStudent.
● Finally, click the [OK] button.
5. Let the newly created user kahn.xiao have permissions to multiple databases,
Then continue to the fourth step, click on other databases, and then check the corresponding permissions below. In this way, users can be given different permissions to multiple databases at one time.
6. Use the newly created user kahn.xiao to log in to the database and try
● Use SQL Server authentication to log in to the database.
Enter the user name and password, and click Connect.
● Query the database TestStudent that has just been granted permission to see if it can be used normally
● Try to access other databases
It is found that there is no permission to access the database.
That's right,
because when we created a new user, we only gave kahn.xiao permission to TestStudent.
At this point, we create a new user on the sql server and assign specific database permissions to the user and we are done.
Four, expansion
'db_owner'-has all the permissions of the database, including the permission to delete the database.'db_accessadmin'
-only gives the database user the permission to create other database users, but not the permission to create the login user.
'db_securityadmin'-can manage all permissions, object ownership, roles and role membership'db_ddladmin'
-can issue all DDL (Create, Alter and Drop), but can not issue GRANT, REVOKE or DENY statement'db_backupoperator'
-allowed The right to back up and restore the database [backup and restore can also be done through sql sever management studio]
'db_datareader'-can select all data in any user table in the
database'db_datawriter'-can change any user table in the database All data in
the'db_denydatareader' - can not query any data
in any user table in the database'db_denydatawriter' - can not change any data in any user table in the database
-----------------END----------------------July 6, 2020---- ----------------------------------------------