Adding new users: An overview

The process of adding new logins to Adaptive Server, adding users to databases, and granting them permission to use commands and database objects is divided among the System Security Officer, System Administrator, and Database Owner.

NoteThe “Adding new users” procedure creates login accounts for a particular server using sp_addlogin, which stores account information in the syslogins table on that server. You can also create and store login accounts on a LDAP server. See “Creating and managing Adaptive Server logins using LDAP”.

StepsAdding new users

  1. A System Security Officer uses sp_addlogin to create a server login account for a new user.

  2. A System Administrator or Database Owner uses sp_adduser to add a user to a database. This command can also give the user an alias or assign the user to a group. For more information, see “Creating groups”.

  3. A System Security officer grants specific roles to the user.

  4. A System Administrator, Database Owner, or object owner grants the user or group specific permissions on specific commands and database objects. Users or groups can also be granted permission to grant specific permissions on objects to other users or groups. See Chapter 12, “Managing User Permissions” for detailed information about permissions.

Table 10-1 summarizes the system procedures and commands used for these tasks.

Table 10-1: Adding users to Adaptive Server and databases

Task

Required role

Command or procedure

Database

Create new logins, assign passwords, default databases, default language, and full name

System Security Officer

sp_addlogin

Any database

Create groups

Database Owner or System Administrator

sp_addgroup

User database

Create and assign roles

System Security Officer

create role

Add users to database, assign aliases, and assign groups

Database Owner or System Administrator

sp_adduser

User database

Grant groups, users, or roles permission to create or access database objects

Database Owner, System Administrator, or object owner

grant

User database