sp_addgroup

Adds a group to a database. Groups are used as collective names in granting and revoking privileges.

Syntax

sp_addgroup grpname

Parameters

Examples

Usage

There are additional considerations when using sp_addgroup:
  • sp_addgroup adds the new group to a database’s sysusers table. Each group’s user ID (uid) is 16384 or larger (except “public,” which is always 0).

  • A group and a user cannot have the same name.

  • Once a group has been created, add new users with sp_adduser. To add an existing user to a group, use sp_changegroup.

  • Every database is created with a group named “public”. Every user is automatically a member of “public”. Each user can be a member of one additional group.

See also grant, revoke in Reference Manual: Commands.

Permissions

The permission checks for sp_addgroup differ based on your granular permissions settings.

SettingDescription
Enabled

With granular permissions enabled, you must be a user with manage any user privilege.

Disabled

With granular permissions disabled, you must be the database owner, a user with sso_role, or a user with sa_role.

Auditing

Values in event and extrainfo columns from the sysaudits table are:

InformationValues
Event

38

Audit option

exec_procedure

Command or access audited

Execution of a procedure

Information in extrainfo
  • Roles – Current active roles

  • Keywords or options – NULL

  • Previous value – NULL

  • Current value – NULL

  • Other information – All input parameters

  • Proxy information – Original login name, if set proxy in effect

Related reference
sp_adduser
sp_changegroup
sp_dropgroup
sp_helpgroup