locked
Permission Required to Delete a Login RRS feed

  • Question

  • Hi, what are the permission required at the Database and Server level in SQL Server to delete a login?

    Server lever - what roles

    Database level - what roles...

    Please advice.

    Thanks.

    Sunday, May 2, 2010 10:50 AM

Answers

  • ALTER ANY LOGIN can be granted to a login and ALTER ANY USER can be granted to an user in that particular database. 

    USE MASTER

    GO

    GRANT ALTER ANY LOGIN TO login_name -- equivalent to having securityadmin server role

    GO

    USE DBNAME

    GO

    GRANT ALTER ANY USER TO user_name  -- equivalent to having db_accessadmin / db_securityadmin

    GO

     


    Thanks, Leks
    • Marked as answer by RubSay Monday, May 3, 2010 10:50 AM
    Monday, May 3, 2010 8:26 AM

All replies

  • you need ALTER ANY LOGIN permission to remove a login from sql server

    but if a login owns a server object or sql agent job you could not remove it

    or

    securityadmin has a right to mange logins

    as a database role you can use db_accessadmin


    http://www.sdtslmn.com
    Sunday, May 2, 2010 10:15 PM
  • How and from where do we set ALTER ANY LOGIN permission on the SQL server for a useR?
    Monday, May 3, 2010 6:17 AM
  • ALTER ANY LOGIN can be granted to a login and ALTER ANY USER can be granted to an user in that particular database. 

    USE MASTER

    GO

    GRANT ALTER ANY LOGIN TO login_name -- equivalent to having securityadmin server role

    GO

    USE DBNAME

    GO

    GRANT ALTER ANY USER TO user_name  -- equivalent to having db_accessadmin / db_securityadmin

    GO

     


    Thanks, Leks
    • Marked as answer by RubSay Monday, May 3, 2010 10:50 AM
    Monday, May 3, 2010 8:26 AM
  • thanks Lekss...! Where have you been last few days?? You were scilent... :)
    Monday, May 3, 2010 10:50 AM