A role uses Windows security accounts to limit the scope of access and permissions when users access the database. A database role specifies a set of database level permissions that let a user perform specific tasks. Database roles are not fixed and can be created, modified, and removed. Database roles let you collect users into a single unit to which you can apply permissions. You can define a set of roles based on job functions and assign each role the permissions that apply to that job.
Use the SQL Server Database Role Editor to define database role objects in a SQL Server 2005, 2008 or 2012 physical model.
To define SQL Server database roles
The SQL Server Database Role Editor opens.
Note: Click New on the toolbar to create a new database role. Use the Enter filter text box to filter a very large list of database roles to quickly locate the one that you want to define.
Displays the database role name. You can change the database role name in this field.
Specifies the authorization level for the database role. Select an authorization from the drop-down list.
Generates SQL during forward engineering. Clear the check box if you do not want to generate SQL.
Note: Use the options on the toolbar to create a new permission, delete a selected permission, or open the SQL Server Permission Editor to manage permission properties.
Displays the permission name. Change the name of the permission in this field.
Specifies the permission type. Select the option from the drop-down list.
Specifies the cascade action for the permission. Indicates that the permission revoked is also revoked from other principals to which it has been granted by this principal.
Specifies if the user can grant this permission to other users or not.
Specifies the principal used to acquire the permissions. Select a principal from the drop-down list.
The database role is defined and the SQL Server Database Role Editor closes.
Copyright © 2013 CA.
All rights reserved.
|
|