Principals: These are objects (for example a user login, a role, or an application) thatmay be granted permission to access particular database objects.
Securables: These are objects (a table or view, for example) to which access can be controlled.
Permissions: These are individual rights, granted (or denied) to a principal, to access a securable object.
Principals are the topic of this chapter, and securables and permissions are discussed in the next chapter.
Windows principals are principals based onWindows domain user accounts, domain groups, local user accounts, and local groups. Once added to SQL Server and given permissions to access objects, these types of principals gain access to SQL Server based on Windows Authentication.
SQL Server principals are SQL Server-level logins and fixed server roles. SQL logins are created within SQL Server and have a login name and password independent of anyWindows entity. Server roles are groupings of SQL Server instance-level permissions that other principals can becomemembers of, inheriting that server role’s permissions.
Database principals are database users, database roles (fixed and user-defined), and application roles—all of which I’ll cover in this chapter.
I’ll start this chapter off with a discussion ofWindows principals.
KeywordsDatabase Object Database User Server Role Default Schema User Command
Unable to display preview. Download preview PDF.