Users with manage server permissions privilege can grant and revoke server-wide privilege. See Table 8-3 for a list of these privileges.
allow exceptional login |
checkpoint any database |
checkpoint (on any database except sybsecurity) |
connect |
create database |
dbcc checkallock any database |
dbcc checkcatalog any database |
dbcc checkdb any database |
dbcc checkindex any database |
dbcc checkstorage any database |
dbcc checktable any database |
dbcc checkverify any database |
dbcc fix_text any database |
dbcc indexalloc any database |
dbcc reindex any database |
dbcc tablealloc any database |
dbcc textalloc any database |
dbcc tune |
dump any database |
dump database (on any database except sybsecurity) |
kill |
kill any process |
load any database |
load database (on any database except sybsecurity) |
manage any database |
manage any ESP |
manage any thread pool |
manage cluster |
manage data cache |
manage disk |
manage dump configurations |
manage lock promotion threshold |
manage resource limit |
manage server |
manage server configuration |
manage server permissions |
mange execution classes |
map external file |
monitor server replication |
mount any database |
online any database |
online database (on any database except sybsecurity) |
own any database |
own database (on any database except sybsecurity) |
quiesce any database |
set switch |
set tracing |
set tracing any process |
show switch |
shutdown |
unmount any database |
use any database |
use database (on any database except sybsecurity) |
manage server permissions is initially explicitly granted to the sa_role on a newly installed server. Once you revoke manage server permissions from the sa_role, a user with sa_role cannot grant or revoke any server-wide privilege.
To avoid a user unintentionally causing the server to be locked, Adaptive Server ensures the server contains at least one unlocked user account with manage server permissions privileges.