The following table indicates who can execute the system procedures:
System Procedure |
Permissions Required |
---|---|
sp_addlogin |
Members of the sysadmin and securityadmin fixed server roles. |
sp_addrole |
Members of the sysadmin fixed server role, and the db_securityadmin and db_owner fixed database roles. |
sp_addrolemember |
Members of the sysadmin fixed server role and the db_owner fixed database role can execute sp_addrolemember to add a member to fixed database roles. Role owners can execute sp_addrolemember to add a member to any SQL Server role they own. Members of the db_securityadmin fixed database role can add users to any user-defined role. |
sp_addsvrrolemember |
Members of the sysadmin fixed server role. |
sp_droplogin |
Members of the sysadmin and securityadmin fixed server roles. |
sp_droprolemember |
Only members of the sysadmin fixed server role, the db_owner and db_securityadmin fixed database roles can execute sp_droprolemember. Only a member of the db_owner fixed database role can remove users from a fixed database role. |
sp_dropsvrrolemember |
Members of the sysadmin fixed server role. |
sp_grantdbaccess |
Members of the sysadmin fixed server role, the db_accessadmin and db_owner fixed database roles. |
sp_helplogins |
Members of the sysadmin and securityadmin fixed server roles. |
sp_helprole |
Execute permissions default to the public role. |
sp_helpsrvrolemember |
Execute permissions default to the public role. |
sp_helpuser |
Execute permissions default to the public role. |
sp_password |
Execute permissions default to the public role for a user changing the password for his or her own login. Only members of the sysadmin role can change the password for another user’s login. |
sp_revokedbaccess |
Members of the sysadmin fixed server role, and the db_accessadmin and db_owner fixed database roles |