Upgrade your Internet Experience
Microsoft.com
Welcome Sign in
SQL Server Developer Center
Click to Rate and Give Feedback
MSDN
MSDN Library
SQL Server
SQL Server 2008
Database Engine
Permissions
 Permissions of Fixed Server Roles
Community Content
In this section
Statistics Annotations (0)
Collapse All/Expand All Collapse All
Other versions are also available for the following:
SQL Server 2008 Books Online (October 2009)
Permissions of Fixed Server Roles (Database Engine)

Updated: 26 February 2009

Fixed server roles can be mapped to the more specific permissions that are included in SQL Server. The following table describes the mapping of the fixed server roles to permissions.

Fixed server role Server-level permission

bulkadmin

Granted: ADMINISTER BULK OPERATIONS

dbcreator

Granted: ALTER ANY DATABASE

diskadmin

Granted: ALTER RESOURCES

processadmin

Granted: ALTER ANY CONNECTION, ALTER SERVER STATE

securityadmin

Granted: ALTER ANY LOGIN

serveradmin

Granted: ALTER ANY ENDPOINT, ALTER RESOURCES, ALTER SERVER STATE, ALTER SETTINGS, SHUTDOWN, VIEW SERVER STATE

setupadmin

Granted: ALTER ANY LINKED SERVER

sysadmin

Granted with GRANT option: CONTROL SERVER

 Remarks

The public role is granted VIEW ANY DATABASE permission.

Members of the securityadmin fixed server role can grant both server-level and database-level permissions.
 See Also

Reference

Server-Level Roles

Concepts

Permissions of Fixed Database Roles (Database Engine)
Permissions Hierarchy (Database Engine)
Securing SQL Server

Other Resources

GRANT (Transact-SQL)
DENY (Transact-SQL)
REVOKE (Transact-SQL)

Help and Information

Getting SQL Server 2008 Assistance
 Change History

Updated content

Corrected the permission of dbcreator.
Tags What's this?: Add a tag
Community Content   What is Community Content?
Add new content RSS  Annotations
© 2009 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks | Privacy Statement | Site Feedback
Page view tracker