Learn SQL Concepts

All Kinds of topics related to Transact SQL, SQL Server Database Administration, SQL Server Query Optimization, SQL Server Trouble Shooting.

Tuesday, April 18, 2017

What is a database user, SQL Logins and what are the difference between a user and a login in SQL Server?

           ,      No comments   

Problem:  What is a database user, SQL Logins and what are the difference between a user and a login in SQL Server?

Solution:

SQL Logins:
Logins are the credentials that authenticate connections to an instance. Except in the case
of an instance configured to support contained databases, a database user must map to
an existing SQL Server login. You can differentiate SQL Server logins based on the type of
authentication method used. SQL Server 2012 supports the following login types:
  •           Windows-authenticated login
  •          SQL Server–authenticated login
  •          Certificate
  •          Asymmetric key

A security principal must have the ALTER ANY LOGIN permission to be able to create SQL
logins.

you can look in the below picture to see a list of logins in a SQL Server instance under security folder.




Users:
Database users represent the identity of a SQL Server login when connected to a database. Each database user maps to a SQL Server login except in the special case of contained databases. You can configure a database user to use the same name as a login to simplify the process of quickly identifying the relationship between a database user and a SQL Server login. You can map a SQL Server login to only one database user in each database. You can map a single login to different users in different databases if you follow the “one database user per SQL Server login per database” rule. You can assign database-level permissions directly to database users. It is best practice to assign database-level permissions to database-level roles and then add database users to those roles.

you can see in the below picture where to look for users.



Differences between users and logins:
Although the terms login and user are often used interchangeably, they are very different.
  • A login is used for user authentication
  • A database user account is used for database access and permissions validation.
Logins are associated to users by the security identifier (SID). A login is required for access to the SQL Server instance. The process of verifying that a login is valid is called "authentication". This login must be associated to a SQL Server database user. You use the user account to control activities performed in the database. If no user account exists in a database for a specific login, the user that is using that login cannot access the database even though the user may be able to connect to SQL Server. The single exception to this situation is when the database contains the "guest" user account. A login that does not have an associated user account is mapped to the guest user. Conversely, if a database user exists but there is no login associated, the user is not able to log into SQL Server instance.
When a database is restored to a different server it contains a set of users and permissions but there may not be any corresponding logins or the logins may not be associated with the same users. This condition is known as having "orphaned users."

0 comments:

Post a Comment

Certifications

Total Pageviews

Blog Archive

Popular Posts

Categories

SQL (31) T-SQL (20) Stored Procedures (10) Performance gains (9) Database (8) DDL (6) SysObjects (6) DML (5) Delete (5) Execution plans (5) Functions (5) Update (5) rows (5) statistics (5) Configurations (4) RESTORE (4) columns (4) execute (4) group by (4) Alter Schema (3) Backup (3) Change Tracking (3) DBCC (3) JOINS (3) SQL SERVER AGENT (3) Transform (3) XML (3) batchexecution (3) count (3) details (3) dynamicSQL (3) partitions (3) query (3) ALerts (2) BREAK (2) CASE (2) ClusteredIndex (2) Command line (2) Conditional Execution (2) ControlFlow (2) Create Schema (2) DATE FORMAT (2) DBCC_SHOW_STATISTICS (2) ENCRYPTION (2) Error Logging (2) FOR XML (2) GOTO (2) Insert (2) Maintainance Statements (2) NonClusteredIndex (2) Optimize (2) PARAMETERS (2) RAISERROR (2) SELECT (2) SET OPERATORS (2) SHRINK LOG (2) SHRINKFILE (2) SQL SERVER (2) Sp's (2) Sp_configure (2) Union (2) Views (2) constriants. (2) execution requests (2) export (2) flatfile (2) foriegn keys (2) format (2) full (2) full text search (2) log (2) merge (2) objetcs (2) output (2) properties (2) script execution (2) sessions (2) sqlcmd (2) sum (2) sys storedprocedures (2) table Hints (2) @@SPID (1) ALTER VIEW (1) AVG (1) Application Refresh with latest data. (1) Audit data (1) AuditActions (1) BCP (1) BEGIN TRANSACTION (1) CAST (1) CHECK OPTION (1) CHECKSUM (1) COLUMNPROPERTY (1) CONNECTION INFORMATION (1) CONTINUE (1) CONVERT (1) CREATE VIEW (1) CROSS APPLY (1) CTE (1) CUSTOM SYSTEM MESSAGE (1) Change columns (1) Charindex (1) Combine Results (1) Conditional filter (1) Contains (1) Create Type (1) Create steps (1) Cursors (1) Custom ERROR Message (1) DATEADD (1) DATEDIFF (1) DB Mail (1) DELAY (1) DIFFERENCE (1) DML TRIGGERS (1) DROP VIEW. (1) Data generator (1) DataTypes (1) Database backup file results (1) Differential (1) Disable change tracking (1) ERRORMESSAGE (1) EXCEPT (1) EXISTS (1) EXPLICIT (1) EXTENDED STORED PROCEDURES (1) Email Operators (1) Errorstate (1) Exception Handling (1) Execute at a time (1) FILELIST ONLY (1) FOR INSERT (1) FORMATMESSAGE (1) FULL OUTER JOIN (1) Full text catalog (1) Full text indexing (1) GLOBAL (1) GUID (1) IF EXISTS (1) IFEXISTS (1) INNER JOIN (1) INTERSECT (1) In-Memory tables (1) Index (1) Index seek (1) Indexes (1) Information_schema.Columns (1) Inner query (1) Jobs (1) Join (1) LEFT OUTER JOIN (1) LOCAL (1) MAXDOP (1) Mail Account (1) Mail Profile (1) MailProfile (1) Memory-Optimized-tables (1) Multiple rows into one row. (1) NameReverese (1) Nested SQL Select (1) Nested stored procedure (1) Notifications (1) OPENXML (1) OUTER JOIN (1) OVER (1) Operator (1) PIVOT (1) Production version (1) Purge History records (1) REGISTRY (1) RETURN (1) RIGHT OUTER JOIN (1) ROLLBACK TRANSACTION (1) ROW_NUMBER (1) Recompile (1) Recursion (1) Recursive CTE (1) SCHEMABINDING (1) SERVER WIDE (1) SHRINK DATA FILE (1) SOUDNEX (1) SPID (1) SQL SERVER AGENT JOB Errors (1) SQL SERVER AGENT JOB History (1) SQL SERVER AGENT JOB Steps (1) SQL SERVER SESSION (1) SQLPERF (1) SQL_VARIANT (1) SYSTEMFUNCTIONS (1) Scalar valued Functions (1) Schedule Jobs (1) Send Db email (1) Sp_add_alert (1) Sp_refreshview (1) Sp_rename (1) Sp_update_alert (1) StringConcatenation (1) SubQueries (1) Substring (1) Sys.Columns (1) Sys.Index_columns (1) THROW (1) TIME (1) TIME ZONE INFO (1) TRY CATCH (1) Table valued Functions (1) Temp Objects (1) Temporary Table (1) TestData (1) TextSearch (1) TimeStamp (1) Transaction locks (1) Triggers (1) UNION ALL (1) UNPIVOT (1) VIEW_METADATA (1) Validations. (1) WAITFOR (1) WHERE (1) WHERE EXISTS (1) WHILE LOOP (1) XML AUTO (1) XML EXPLICIT (1) XML PATH (1) XML RAW (1) XML to SQL (1) advantages (1) backupdate (1) backupversion (1) catalogviews (1) change versions (1) cmdshell (1) compatibility (1) create statistics (1) csv (1) database mail (1) database version (1) datetime (1) defaultconstraints (1) defragment indexes (1) disadvantages (1) distinct (1) exit from code. (1) extract xml (1) getdate() (1) getutcdate() (1) header (1) index fragmentation (1) index scan (1) index usage (1) latch (1) like (1) locks (1) logical operators (1) looping (1) mail log (1) missing indexes (1) multiple columns (1) non-schema bounded views (1) pages fullness (1) phone number (1) predicates (1) query text (1) re organize (1) rebuild (1) sp_executesql (1) sp_lock (1) sp_recompile (1) statastics (1) sys (1) tenses of a verb (1) update metadata (1) update statistics (1) user-defined system error (1) user-defined table type (1) wait (1) xls (1) xp_cmdshell (1)

Thank you!

Thanks for viewing the blog, hope you got what you are looking for. Please post a comment if you need some more information..
~Mahesh Sambu