This section discusses thresholds and how they are affected by locked user logins.
As a security measure, threshold stored procedures are executed using the account name and roles of the login that created the procedure.
You cannot drop the login of a user who owns a threshold.
If you lock the login of a user who owns a threshold, the threshold cannot execute the stored procedure.
Threshold procedures are executed with the most limited set of the roles assigned to the user. The user must have both of the following:
The set of roles active for the user at the time the threshold was added or last modified, and
The set of roles directly granted to the user at the time the threshold “fires.”
If a threshold requires a particular role, that role must be active for the user when the threshold is created. If that role is later revoked, the threshold cannot execute the procedure.
The last chance threshold and thresholds created by the “sa” login are not affected by sp_locklogin. If you lock the “sa” login, the last chance threshold and thresholds created or modified by the “sa” user still fire.
