(Windows only) Assigns Adaptive Server roles or default permissions to Windows users and groups when Integrated Security mode or Mixed mode (with Named Pipes) is active.
sp_grantlogin {login_name | group_name} ["role_list" | default]
is the network login name of the Windows NT user.
is the Windows NT group name.
is a list of the Adaptive Server roles granted. The role list can include one or more of the following role names: sa_role, sso_role, oper_role. If you specify more than one role, separate the role names with spaces, not commas.
specifies that the login_name or group_name receive default permissions assigned with the grant statement or sp_role procedure.
Assigns the Adaptive Server oper_role to the Windows NT user “jeanluc”:
sp_grantlogin jeanluc, oper_role
Assigns the default value to the Windows NT user “valle”. User “valle” receives any permissions that were assigned to her via the grant command or sp_role procedure:
sp_grantlogin valle
Assigns the Adaptive Server sa_role and sso_role to all members of the Windows NT administrators group:
sp_grantlogin Administrators, "sa_role sso_role"
You must create the Windows NT login name or group before assigning roles with sp_grantlogin. See your Windows NT documentation for details.
sp_grantlogin is active only when Adaptive Server is running in Integrated Security mode or Mixed mode when the connection is Named Pipes. If Adaptive Server is running under Standard mode or Mixed mode with a connection other than Named Pipes, use grant and sp_role instead.
If you do not specify a role_list or default, the procedure automatically assigns the default value.
The default value does not indicate an Adaptive Server role. It specifies that the user or group should receive any permissions that were assigned to it via the grant command or sp_role procedure.
Using sp_grantlogin with an existing login_name or group_name overwrites the user’s or group’s existing roles.
The permission checks for sp_grantlogin differ based on your granular permissions settings.
Granular permissions enabled |
With granular permissions enabled, you must be a user with manage roles privilege. |
Granular permissions disabled |
With granular permissions disabled, you must be a user with sa_role. |
Values in event and extrainfo columns from the sysaudits table are:
Event |
Audit option |
Command or access audited |
Information in extrainfo |
---|---|---|---|
38 |
exec_procedure |
Execution of a procedure |
|
System procedures sp_addlogin, sp_displaylogin, sp_droplogin, sp_locklogin, sp_logininfo, sp_modifylogin, sp_revokelogin, sp_role