Embedded Files
sysadmin
sysadmin
Has all permissions in the server. It can do everything that any other server-level role can do.
Check
Check
To see who has been granted 'sysadmin'...
SELECT sp.name,
sp.is_disabled
FROM sys.server_role_members rm,
sys.server_principals sp
WHERE rm.role_principal_id = SUSER_ID('Sysadmin')
AND rm.member_principal_id = sp.principal_id
Sometimes it's useful just to have a count of the number of users with sysadmin...
SELECT COUNT(*)
FROM sys.server_role_members rm,
sys.server_principals sp
WHERE rm.role_principal_id = SUSER_ID('Sysadmin')
AND rm.member_principal_id = sp.principal_id
NT AUTHORITY\SYSTEM
NT AUTHORITY\SYSTEM
In earlier versions of SQL Server, NT AUTHORITY\SYSTEM was granted the sysadmin role. This is no longer recommended as it is considered a shared account.
https://www.stigviewer.com/stig/ms_sql_server_2016_instance/2018-03-09/finding/V-79129serveradmin
serveradmin
Start or Stop the server
securityadmin
securityadmin
Has the ALTER ANY LOGIN privilege. Therefore a Login with this Role is capable of granting any other Role or Privilege (except SYSADMIN) to any other User or Role, including itself.
processadmin
processadmin
Can Kill processes
setupadmin
setupadmin
Create a Linked Server.
(But, just because you can doesn't mean you should).bulkadmin
bulkadmin
Allows you to bulk load records into a database.
diskadmin
diskadmin
Newer backup technologies have made this pretty much redundant.
dbcreator
dbcreator
Can create a new database.
public
public
Can connect.
Bibliography
Bibliography
https://docs.microsoft.com/en-us/sql/relational-databases/security/authentication-access/server-level-roles?view=sql-server-ver15https://blog.sqlauthority.com/2017/01/11/sql-server-query-get-list-logins-system-admin-sysadmin-permission/https://stackoverflow.com/questions/45322406/should-nt-authority-system-be-granted-the-sysadmin-rolehttps://www.stigviewer.com/stig/ms_sql_server_2016_instance/2018-03-09/finding/V-79129
Page updated
Google Sites
Report abuse