Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
learntsql
524 Posts |
 Posted - 2010-03-25 : 11:13:52
|
| Hi All,I am new to Security concepts.please tell me how to understand the logins,users and permissions?please provide me some links.How each one depends on other?TIA. |
|
|
Bustaz Kool
Master Smack Fu Yak Hacker
1834 Posts |
Posted - 2010-03-26 : 19:50:35
|
| AUTHENTICATION and AUTHORIZATION: The first asks the question "Who are you?" and the second asks the question "What are you allowed to do?"You LOGIN to a SQL Server - All this does is ask the first question and if it can't determine who you are, you don't get in. Next, if you are allowed access (Authorized) to the database you want, it lets to map your SQL Server LOGIN to a Database USER. The name of the login and the name of the user are often the same but don't need to be. You still can't do anything, however.Your USER has to be authorized to do things by being GRANTed rights. Each object, such as tables, procedures, et al, has a set of rights that can be GRANTED. For a table, these include such things as SELECT, INSERT, UPDATE, and DELETE rights. For a procedure, this include EXECUTE rights. If your USER has the rights, you get to do stuff.All of this is covered in BOL (Books Online). You can get started by looking up each of the capitalized words in this post.=======================================There are no passengers on spaceship earth. We are all crew. -Marshall McLuhan, educator and philosopher (1911-1980) |
 |
|
|
|
|
|
|
|
Logins and Users?