16 SQL Server SQL Server
SQL Server
SQL Server SQL Server (Login) (User Permissions) Stored Procedure Windows XP / 2003 Server / Vista SQL Server 2005
SQL Server 2 Windows Authentication Mode
SQL Server Microsoft Windows SQL Server SQL Server SQL Server Authentication Mode
SQL Server SQL Server
SQL Server
SQL Server Windows Windows Authentication
Windows Authentication SQL Server SQL Server Windows Server Domain Controller SQL Server Windows Authentication SQL Server Authentication Windows Server Windows Server 2003, Windows Vista Windows Server , , SQL Server Authentication
SQL Server SQL Server SQL Server SQL Server SQL Server SQL Server Authentication Windows Windows 98/ME Windows Authentication SQL Server Authentication
Windows Authentication Authentication Local Domain SQL Server sa sa Authentication Windows Authentication
SQL Server 2 sa (System Administrator) guest sa SQL Server SQL Server
Windows Authentication SQL Server Authentication
1. Management Studio
Properties Server Properties
2 Windows Authentication mode Windows Windows 98/ME sa SQL Server and Windows Authentication mode (Mixed mode ) SQL Server 1. Server Properties Windows Authentication mode OK
2. Restart 3. Disconnect 4. Connect Object Explorer Connect to Server sa Windows SQL Server SQL Server 2 1. Login ( ) THARIN sysxlogins master (User)
2. User ( ) SQL Server Kim Kim1 Orders1 Kim2 Orders2 Kim Orders1 Orders2 () Kim1 Kim2 Kim1 TblProducts Orders1 Kim2 TblProducts Order2 sysusers
Login User Management Studio
Management Studio 1. Login Login New Login
2. Login New Login name 2 Windows Authentication Windows Search Windows SQL Server Authentication SQL Server Password Enforce password policy 6 3 4 ( 1 A Z, 2 a z, 3 0 9, 4 !, $, #, %)
Enforce password expiration User must change password at next login SQL Server User must change password at next login SQL Server Windows Server Windows 2003/Vista Default database Default language
3. Server Roles (Role) Role
3. (Role) Server Roles
Role Permissions Role 4. User Mapping User Mapping to this login Map User Database role membership (Role)
5. Securables (Permission) Role
5. (Permission) Securables
6. Status Permission / (Grant) (Deny)
Login / (Enable) (Disable)
Transact SQL
Management Studio Stored Procedure sp_addlogin
Login_id Password defaultdb master defaultlanguage NULL
tharin SUCCESS Orders Management Studio
(Server Roles) (Roles) ( )
Management Studio Delete
Delete Transact SQL
Management Studio Stored Procedure sp_droplogin
tharin
,
Login Properties
(Server Roles) sysadmin
sp_password
sp_password success, tharin
SUCCESS tharin Management Studio
Management Studio 1. Security Users New User
Users New User
2. Database User New User name Login name ( ) (Roles) Database role membership OK
Transact SQL
Management Studio Stored Procedure sp_addlogin
login_id username rolename Role Role ()
kim tharin
Management Studio
Management Studio Delete
Delete
SQL Server ALTER AUTHORIZATION
entity_name Type, XML Schema Collection, Fulltext Catalog, Schema, Assembly, Role, Message Type, contract, Service, Remote Service Binding, Route, Symmetric Key, Endpoint, Certificate Data base
SCHEMA OWNER
Stored Procedure sp_help
Transact SQL
Stored Procedure sp_dropuser
, , 1 128 , Margaret, Tharin, Sonsit 14#&xyz
, , Transact SQL () ([]) , , Tharin Sittitummancharee
$ @ $Tharin
,
\ (backslash) \ Windows NULL () SQL Server SQL Server Sa (System Administrator)
System Administrator (sa) SQL Server sysadmin role () sa sysadmin role ( sysadmin role sa) sa SQL Server
SQL Server sa SQL Server dbo (Database Owner)
dbo SQL Server db_owner role sysadmin role dbo success sysadmin role tharin success sysadmin role tharin dbo T1 dbo.T1 tharin.T1
success sysadmin role tharin dbo db_owner role success tharin db_owner role tharin.T1 dbo.T1
dbo sysadmin role dbo dbo
tharin T1 tharin.T1
guest
guest guest guest guest guest guest 2 guest db_accessadmin ( ) Default database guest 2 Default database guest Roles SQL Server Role Roles Role Role Managers tharin Roles SQL Server Roles PUBLIC Roles Roles Public Roles
1 Roles tharin Roles Managers Roles Employees Roles Windows 2003/Vista
SQL Server
Roles SQL Server Roles Roles Roles 2
Standard Roles Roles Application SQL Server Finance Finance Marketing Marketing Roles 2 Roles Roles Roles Management Studio
Roles Role Roles Roles Roles Roles Roles Roles Managers TblCustomers Role Employees Roles Management Studio Roles 1. Roles Roles Properties
2. Database Role Properties Add... Remove
Roles Database User / Roles Roles
Roles Transact SQL
Role Stored Procedure sp_addrolemember
sp_droprolemember
Fixed Server Roles
SQL Server Roles Roles Roles (Server Roles) SQL Server, Windows 2003/Vista Roles
Fixed Server Roles Fixed Server Roles
bulkadmin
dbcreator
diskadmin
processadmin
securityadmin
serveradmin
setupadmin
sysadmin BULK INSERT SQL Server CREATE DATABASE error logs SQL Server Linked Servers Start Up Procedures SQL Server
Windows 2003/Vista BUILTIN\Administrator Group sysadmin
Fixed Server Roles sp_helpsrvrole Roles sp_srvrolepermission
Fixed Database Roles
Fixed Database Roles Roles (Database Roles) Roles Fixed Database Roles Fixed Database Roles
db_accessadmin
db_backupoperator
db_datareader
db_datawriter
db_ddladmin
db_denydatareader
db_denydatawriter
db_owner
db_securityadmin DBCC, CHECKPOINT BACKUP DDL (Data Definition Language) CREATE TABLE GRANT, REVOKE DENY , , Roles Roles
Fixed Database Roles sp_helpdbfixedrole Roles sp_dbfixedrolepermission
Public Roles
Public Roles Roles Roles , Roles Roles master, msdb, tempdb, model Roles Roles Management Studio
Management Studio Roles 1. Roles Database Roles New Database Role 2. Database Role New Roles Role name Roles 3. (Permission) Roles Securables OK Roles
Roles Transact SQL
Roles Management Studio Stored Procedure sp_addrole Roles
Role Roles professor
sp_droprole Roles
Roles professor (Permission) , User Role database owner (dbo) system administrator (sa) (Permission)
SQL Server 3 Object Permissions Stored Procedure SELECT, INSERT, UPDATE DELETE SELECT, UPDATE INSERT, DELETE SELECT User Defined Functions EXECUTE Stored Procedures Functions DRI (declarative referential integrity) Foreign key Constraints Statement Permissions CREATE TABLE BACKUP DATABASE
BACKUP LOG
CREATE DATABASE
CREATE DEFAULT
CREATE FUNCTION
CREATE PROCEDURE
Stored Procedure
CREATE RULE
Rule
CREATE TABLE
CREATE VIEW
Implied Permissions SQL Server sysadmin Server Roles db_owner Database Roles 2
Statement Permissions 1. Properties
2. Database Properties Permissions Add User Roles 3 Grant
Deny
With Grant ()
OK
Object Permissions Roles
1. Role ( Roles SQL Server ) Properties
2. Database Role Properties Securables
User
1. User ( User SQL Server ) Properties
2. Database User Securables GRANT REVOKE Management Studio GRANT User Roles
REVOKE GRANT permission_list GRANT REVOKE (,) ALL object_name Stored Procedures name_list User Roles GRANT kim TblOrders
GRANT SELECT, UPDATE
ON TblOrders
TO kim
REVOKE kim TblOrders
REVOKE DELETE
ON TblOrders
FROM kim
sp_addlogin login_id [, password [, defaultdb [, defaultlanguage]]]
sp_droplogin login_id
1.
2.1
2.2
sp_adduser login_id [, username [, rolename]]
ALTER AUTHORIZATION
ON [ ::] entity_name
TO { SCHEMA OWNER | principal_name }
sp_dropuser username
kim
Database User
sp_addrolemember [ @rolename = ] role , [ @membername = ] security_account
sp_droprolemember [ @rolename = ] role , [ @membername = ] security_account
kim Roles db_accessadmin
kim Role db_accessadmin
Fixed Server Roles SQL Server
sp_addrole [ @rolename = ] role [ , [ @ownername = ] owner ]
sp_droprole [ @rolename = ] role
GRANT permission_list
ON object_name
TO name_list
REVOKE permission_list
ON object_name
FROM name_list
Note