If a login has sysadmin rights but is not mapped to any db user...

[divinyl]

...do they still have database access?

i.e. in the properties of the login, on the User Mapping tab there are no ticked DBs..does that mean that login doesn’t actually have any access to any db, even though it is sysadmin? I mean from an application perspective...

I know that the sa password is only what it is because it is part of the sysadmin role, so that should mean that any new login created mapped to the sysadmin role would have complete access to every db on the server....BUT, do they have to be mapped to a user db in teh User Mapping tab of the logins properties???

I'm using SQL 2005...i mention that because i notice some discrepancies in this area between 2005 and 2000..

Thanks
Div

 

[ptheriault]

If you create a login and assign that login to the sysadmin role...that login now has complete control of that SQL instance. You don't have to map that login to a user for the login to have access and the ability to change everything in a user db.

- Paul
- If at first you don't succeed, find out if the loser gets anything.

 

[divinyl]

Yeah..i thought so but just wanted to make sure!

Thanks for responding so quickly,

Div