sp_revokelogin

(Windows only) Revokes SAP ASE roles and default permissions from Windows users and groups when Integrated Security mode or Mixed mode (with Named Pipes) is active.

Syntax

sp_revokelogin {login_name | group_name}

Parameters

login_name – is the network login name of the Windows user.
group_name – is the Windows group name.

Examples

Example 1 – Revokes all permissions from the Windows user named “jeanluc”:
```
sp_revokelogin jeanluc
```
Example 2 – Revokes all roles from the Windows Administrators group:
```
sp_revokelogin Administrators
```

Usage

Use sp_revokelogin only when the SAP ASE server is running in Integrated Security mode or Mixed mode, when the connection is Named Pipes. If the SAP ASE server is running in Standard mode, or in Mixed mode using a connection other than Named Pipes, use the revoke command.

If you revoke a user’s roles and default privileges with sp_revokelogin, that user can no longer log into the SAP ASE server over a trusted connection.

See also grant, revoke, setuser in Reference Manual: Commands.

Permissions

The permission checks for sp_revokelogin differ based on your granular permissions settings.

Setting	Description
Enabled	With granular permissions enabled, you must be a user with `manage roles` privilege.
Disabled	With granular permissions disabled, you must be a user with sa_role.

Auditing

Values in event and extrainfo columns from the sysaudits table are:

Information	Values
Event	38
Audit option	exec_procedure
Command or access audited	Execution of a procedure
Information in `extrainfo`	Roles – Current active roles Keywords or options – NULL Previous value – NULL Current value – NULL Other information – All input parameters Proxy information – Original login name, if set proxy in effect