The responsibility of adding new login accounts to Adaptive Server, adding users to databases, and granting users permission to use commands and access database objects is divided among the system security officer, system administrator, and database owner.
Table 3-1 summarizes the system procedures and commands used to create and manage login accounts.
Task |
Required role |
Command or procedure |
Database, group, or role |
---|---|---|---|
Create login accounts |
System security officer |
create login |
Master database |
Alter login accounts |
System security officer The exception is that users can change their own password and fullname. |
alter login |
Master database |
Drop login accounts |
System security officer |
drop login |
Master database |
Create groups |
Database owner or system administrator |
sp_addgroup |
User database |
Create and assign roles |
System security officer |
create role, grant role |
Master database |
Add users to database and assign groups |
Database owner or system administrator |
sp_adduser |
User database |
Alias users to other database users |
Database owner or system administrator |
sp_addalias |
User database |
Grant groups, users, or roles permission to create or access database objects and run commands |
Database owner, system administrator, system security officer, or object owner |
grant |
User database |