SQL Server 数据库安全

--创建登陆用户
--create login login_name from windows with default_database = database | default_language = language;
create login [localhost\hoojo-pc] from windows with default_database = testHome;
--创建登陆用户
--create login login_name with password = 'pwd' [hashed] [must_change] [check_expiration] [check_policy]
create login adminwith password = '123456', default_database = testHome;


--查看登陆用户
SELECT
*
FROM sys.sql_logins;


--修改用户
alter login admin with name = jackson;
alter login jackson with password = 'abcd';


--禁用、启用用户
alter login jackson disable; --禁用
alter login jackson enable; --启用


--删除用户
DROP LOGIN jackson;


--修改映射凭据(将登录名MacraeS 映射到凭据Custodian04)
alter login jackson with credential = Custodian04;


-------数据库用户
--创建数据库用户
create user jack from login admin;
create user jason for login jackson;


create user jack from login adminwith default_schema = temp_schema;


--启动guest用户（不推荐使用）
--特殊用户dbo、guest；sa对应的dbo用户，其他没有映射的用户就是guest用户
GRANT connect to guest;


--修改用户
alter user jackwith name = jason;
alter user jason with default_schema = jason_schema;


--删除用户
DROP USER jason;


--------数据库角色
--给jack用户授权buyers角色
create role buyers authorIzation jack;


--修改角色
alter role buyers with name = new_buyers;


--删除角色
DROP ROLE new_buyers;


--------架构管理
--创建
create schema temp_schema;


--指定用户
create schema jason_scheam authorization jason;


--授权查询
grant select to jason;


--删除
DROP SCHEMA jason_scheam;


--------权限
--授权创建table
grant create table to jason;
--授权jason查询student表
grant select on student to jason;


--收回权限
revoke create table to jason;
revoke select on student to jason;

转载：http://www.cnblogs.com/hoojo/archive/2011/07/20/2111990.html