Character | description |
---|---|
sysadmin | SQL Server to perform any action |
serveradmin | Configure server settings |
setupadmin | Install replication and manage extended process |
securityadmin | Log management and CREATE DATABASE permissions and audit reading |
processadmin | Management SQL Server process |
dbcreator | Create and modify database |
Desk admin | Disk File Management |
1, sysadmin: SQL Server to perform any action
This role can perform any operations on SQL Server. Essentially, anyone with this role memberships are sa on that server. On SQL Server, Windows Administrators group are automatically mapped to the sysadmin role. This means that any member of the Administrators group on the server at the same time also have access to the SQL sa level data. If necessary, you can delete the Windows administrators group from the sysadmin role. Only members of this role (or been given the role of the members of the user CREATE DATABASE permission) to be able to create the database. * Sa login has been a member of the sysadmin role, and can not be removed from that role.
2, serveradmin: configure server settings
This role can set the server-wide configuration options, or shut down the server. Despite its rather limited in scope, however, will have a very significant impact on server performance by members of the functional role of the control of the members of the serveradmin role can perform the following actions: add another log on to the server running dbcc role pintable command (so that the table resident in the main memory) to run the system procedure sp_configure (to display or change system options) run reconfigure option (to update the system procedure sp_configure All changes) using the shutdown command to turn off the system running the database server process sp_tableoption user-defined table settings option value
3, setupadmin: copy the installation and expansion process management
Setupadmin role in the management of membership is limited to link servers and boot process, you can perform the following actions: add other login server to add, remove, or configure server roles linked to * perform some system processes, such as sp_serveroption
4, securityadmin: Log Management and CREATE DATABASE permissions and audit reading
The role securitypadmin members for administrative login, read the error log and database permissions to create a login name, you can perform all actions concerning server access and security. These members can make the following system actions: add another sign read SQL Server error log * system process to run the following server roles: as sp_addlinkedsrvlogin, sp_addlogin, sp_defaultdb, sp_defaultlanguage, sp_denylogin, sp_droplinkedsrvlogin, sp_droplogin, sp_grantlogin, sp_helplogins, sp_remoteoption and sp_revokelogin (All of these systems are processes related to system security.)
5, processadmin: SQL Server Process Management
The role processadmin members used to manage SQL Server process, such as suspension of queries the user is running. These members can perform the following actions: add other login execute the KILL command to the server roles (to cancel the user process)
6, dbcreator: to create and modify database
dbcreator the membership is limited to creating and altering database, these members can perform the following actions: add another sign running CREATE DATABASE and ALTER DATABASE statement * to use the system to process sp_renamedb server role to change the name of the database
7, diskadmin: disk file management
The members diskadmin for managing disk files (assigned to what groups of files, attach and detach a database, etc.), these members can perform the following actions :: add another log on to the server process running as system roles: sp_ddumpdevice and sp_dropdevice . * Run DISK INIT statement
Reproduced in: https: //www.cnblogs.com/rainman/p/3509626.html