sys.server_permissions (Transact-SQL)
Returns one row for each server-level permission.
Column name | Data type | Description |
|---|---|---|
class | tinyint | Identifies class of thing on which permission exists. 100 = Server 101 = Server-principal 105 = Endpoint |
class_desc | nvarchar(60) | Description of class on which permission exists.
|
major_id | int | ID of the securable on which permission exists, interpreted according to class. For most, this is just the kind of ID that applies to what the class represents. Interpretation for non-standard is as follows: 100 = Always 0 |
minor_id | int | Secondary ID of thing on which permission exists, interpreted according to class. |
grantee_principal_id | int | Server-principal-ID to which the permissions are granted. |
grantor_principal_id | int | Server-principal-ID of the grantor of these permissions. |
type | char(4) | Server permission type. For a list of permission types, see the next table. |
permission_name | nvarchar(128) | Permission name. |
state | char(1) | Permission state: D = Deny R = Revoke G = Grant W = Grant With Grant option |
state_desc | nvarchar(60) | Description of permission state: DENY REVOKE GRANT GRANT_WITH_GRANT_OPTION |
Permission type | Permission name | Applies to securable |
|---|---|---|
ADBO | ADMINISTER BULK OPERATIONS | SERVER |
AL | ALTER | ENDPOINT, LOGIN |
ALCD | ALTER ANY CREDENTIAL | SERVER |
ALCO | ALTER ANY CONNECTION | SERVER |
ALDB | ALTER ANY DATABASE | SERVER |
ALES | ALTER ANY EVENT NOTIFICATION | SERVER |
ALHE | ALTER ANY ENDPOINT | SERVER |
ALLG | ALTER ANY LOGIN | SERVER |
ALLS | ALTER ANY LINKED SERVER | SERVER |
ALRS | ALTER RESOURCES | SERVER |
ALSS | ALTER SERVER STATE | SERVER |
ALST | ALTER SETTINGS | SERVER |
ALTR | ALTER TRACE | SERVER |
AUTH | AUTHENTICATE SERVER | SERVER |
CL | CONTROL | ENDPOINT, LOGIN |
CL | CONTROL SERVER | SERVER |
CO | CONNECT | ENDPOINT |
COSQ | CONNECT SQL | SERVER |
CRDB | CREATE ANY DATABASE | SERVER |
CRDE | CREATE DDL EVENT NOTIFICATION | SERVER |
CRHE | CREATE ENDPOINT | SERVER |
CRTE | CREATE TRACE EVENT NOTIFICATION | SERVER |
IM | IMPERSONATE | LOGIN |
SHDN | SHUTDOWN | SERVER |
TO | TAKE OWNERSHIP | ENDPOINT |
VW | VIEW DEFINITION | ENDPOINT, LOGIN |
VWAD | VIEW ANY DEFINITION | SERVER |
VWDB | VIEW ANY DATABASE | SERVER |
VWSS | VIEW SERVER STATE | SERVER |
XA | EXTERNAL ACCESS | SERVER |
In SQL Server 2005 and later versions, the visibility of the metadata in catalog views is limited to securables that a user either owns or on which the user has been granted some permission. For more information, see Metadata Visibility Configuration.
