System roles are built-in roles that are automatically created in each
new database.
System roles:
- Cannot be dropped.
- Cannot have their default underlying system privileges modified or revoked.
- Can have additional roles and system privileges granted to (or
revoked from).
- Cannot be granted with administrative rights (WITH ADMIN OPTION or WITH ADMIN
ONLY OPTION clauses).
- Have no a password assigned, so users cannot connect to the
database as a grantable system role.
- Do not own objects, except for the SYS, dbo, and rs_systabgroup
role.