July 26, 2012 at 12:10 am
Hi All
I'm working with a SQL Server where a Specific Login has the sysadmin server role.
Is it still necessary to add the login as a user to the databases or will the Login have automatic access to all databases?
Thanks
July 26, 2012 at 2:11 am
If you grant the server level role sysadmin you dont need to grant anything else as your effictivly saying you can do what you want where you want.
July 26, 2012 at 2:15 am
anthony.green (7/26/2012)
If you grant the server level role sysadmin you dont need to grant anything else as your effictivly saying you can do what you want where you want.
Thanks
July 26, 2012 at 9:59 am
SQLSACT (7/26/2012)
Hi AllI'm working with a SQL Server where a Specific Login has the sysadmin server role.
Is it still necessary to add the login as a user to the databases or will the Login have automatic access to all databases?
Thanks
In this case sysadmins can enter any database on the instance as dbo, i.e. as the database owner. Database owners have complete control over all aspects of the database, including the ability to drop it.
Be careful granting people or applications the privileges to log into a database instance with sysadmin role membership. Errant application code, a bad ad hoc query by a user or an intentionally malicious action occurring under the login can cause irreversible damage to the database instance or data. It's best to adhere to the principle of least privilege and only grant permissions to a login necessary for it to complete its tasks, nothing more, nothing less, i.e. granting sysadmin role membership is usually unnecessary so evaluate the need before granting the privilege.
There are no special teachers of virtue, because virtue is taught by the whole community.
--Plato
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply