Managing Database Permissions

The database owner, members of sysadmin, and members of securityadmin can assign database permissions. The available permissions include the following:

GRANT. Gives permission to perform the related task. With roles, all members of the role inherit the permission.
REVOKE. Removes prior GRANT permission, but does not explicitly prevent a user or role from performing a task. A user or role could still inherit GRANT permission from another role.
DENY. Explicitly denies permission to perform a task, and prevents the user or role from inheriting the permission. DENY takes precedence over all other GRANT permissions.

Note

DENY is a Transact-SQL command and is not part of the ANSI SQL-92 standard.

You can grant, deny, and revoke ...

Get Microsoft® SQL Server® 2008 Administrator's Pocket Consultant now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Microsoft® SQL Server® 2008 Administrator's Pocket Consultant by

Managing Database Permissions

Note

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly