The process of adding new logins to Adaptive Server, adding users to databases, and granting them permission to use commands and database objects is divided among the System Security Officer, System Administrator, and Database Owner.
The “Adding new users” procedure creates login accounts
for a particular server using sp_addlogin,
which stores account information in the syslogins table
on that server. You can also create and store login accounts on a
LDAP server. See “Creating and managing Adaptive Server logins using LDAP”.
Adding new users
A System Security Officer uses sp_addlogin to create a server login account for a new user.
A System Administrator or Database Owner uses sp_adduser to add a user to a database. This command can also give the user an alias or assign the user to a group. For more information, see “Creating groups”.
A System Security officer grants specific roles to the user.
A System Administrator, Database Owner, or object owner grants the user or group specific permissions on specific commands and database objects. Users or groups can also be granted permission to grant specific permissions on objects to other users or groups. See Chapter 12, “Managing User Permissions” for detailed information about permissions.
Table 10-1 summarizes the system procedures and commands used for these tasks.
Task |
Required role |
Command or procedure |
Database |
|---|---|---|---|
Create new logins, assign passwords, default databases, default language, and full name |
System Security Officer |
sp_addlogin |
Any database |
Create groups |
Database Owner or System Administrator |
sp_addgroup |
User database |
Create and assign roles |
System Security Officer |
create role |
|
Add users to database, assign aliases, and assign groups |
Database Owner or System Administrator |
sp_adduser |
User database |
Grant groups, users, or roles permission to create or access database objects |
Database Owner, System Administrator, or object owner |
grant |
User database |
