Default privileges granted to system defined roles are listed in Table 8-6 through Table 8-10.
allow exceptional login |
checkpoint any database |
connect |
create database |
dbcc checkalloc any database |
dbcc checkcatalog any database |
dbcc checkdb any database |
dbcc checkindex any database |
dbcc checkstorage any database |
dbcc checktable any database |
dbcc checkverify any database |
dbcc fix_text any database |
dbcc indexalloc any database |
dbcc reindex any database |
dbcc tablealloc any database |
dbcc textalloc any database |
dbcc tune |
dump any database |
kill any process |
load any database |
manage any database |
manage any ESP |
manage any execution class |
manage any thread pool |
manage cluster |
manage data cache |
manage disk |
manage dump configuration |
manage lock promotion threshold |
manage resource limit |
manage server |
manage server configuration |
manage server permissions |
map external file |
mount any database |
online any database |
own any database |
quiesce any database |
select on get_appcontext |
select on list_appcontext |
select on rm_appcontext |
select on set_appcontext |
set switch |
set tracing any process |
show switch |
shutdown |
unmount any database |
alter any object owner (in any database) |
change password |
decrypt any table (in any database) |
manage any encryption key (in any database) |
manage any login |
manage any login profile |
manage any remote login |
manage any user (in any database) |
manage auditing |
manage roles |
manage security configuration |
manage security permissions |
select on authmech |
show switch |
set tracing any process |
update any security catalog (in any database) |
checkpoint any database |
dump any database |
load any database |
manage dump configuration |
online any database |
use any database |
checkpoint any database |
dump any database |
load any database |
manage replication (in any database) |
monitor server replication |
online any database |
quiesce any database |
truncate any table (in any database) |
truncate any audit table (in sybsecurity) |
manage any encryption key |
Use sp_restore_system_role (which requires manage security permissions privileges) to restore a role or database owner to the default role privilege configuration.