SQL Server 2008 Database Roles

Database roles deal with actions that are performed at the database level. Actions within SQL Server can be grouped into different types of actions.

Following are the existing database roles installed with SQL Server and what they can or cannot do:

• dbo/db_owner: Specifies the owner of the database

• db_accessadmin: Can manage access to a database for logins

• db_backupoperator: Can back up the database

• db_datareader: Can read data from all user-defined tables

• db_datawriter: Can perform any write actions to user tables

• db_ddladmin: Can perform Data Definition Language (DDL) actions such as creation of tables

• db_denydatareader: Cannot read data from user tables

• db_denydatawriter: Cannot write data from user tables

• db_securityadmin: Can modify database role membership and manage permissions

• public: Can see any database objects that are created with public, or full rights, access (every user that you create will belong to the public database role)

Although you will put the existing database roles to use, you’ll find it helpful to create new database roles—a common task in SQL Server—when you want to be very specific about permissions particular users have. You do this by creating a specific database role, and then adding the Windows accounts/Windows groups/SQL Server logins to your role. If you wanted to group several groups together, then you might create a new role.

Source of Information : Apress Beginning SQL Server 2008 for Developers From Novice to Professional


Subscribe to Developer Techno ?
Enter your email address:

Delivered by FeedBurner