九、SQL Server 数据库安全

--创建登陆用户
--create login login_name from windows with default_database = database | default_language = language;
create login [localhost\hoojo-pc] from windows with default_database = testHome;
--创建登陆用户
--create login login_name with password = 'pwd' [hashed] [must_change] [check_expiration] [check_policy]
create login adminwith password = '123456', default_database = testHome;

--查看登陆用户
select * from sys.sql_logins;

--修改用户
alter login adminwith name = jackson;
alter login jackson with password = 'abcd';

--禁用、启用用户
alter login jackson disable;    --禁用
alter login jackson enable;        --启用

--删除用户
drop login jackson;

--修改映射凭据(将登录名MacraeS 映射到凭据Custodian04)
alter login jackson with credential = Custodian04;

-------数据库用户
--创建数据库用户
createuser jack from login admin;
createuser jason for login jackson;

createuser jack from login adminwith default_schema = temp_schema;

--启动guest用户（不推荐使用）
--特殊用户dbo、guest；sa对应的dbo用户，其他没有映射的用户就是guest用户
grantconnectto guest;

--修改用户
alteruser jack with name = jason;
alteruser jason with default_schema = jason_schema;

--删除用户
dropuser jason;

--------数据库角色
--给jack用户授权buyers角色
createrole buyers authorIzation jack;

--修改角色
alterrole buyers with name = new_buyers;

--删除角色
droprole new_buyers;

--------架构管理
--创建
createschema temp_schema;

--指定用户
createschema jason_scheam authorization jason;

--授权查询
grantselectto jason;

--删除
dropschema jason_scheam;

--------权限
--授权创建table
grantcreatetableto jason;
--授权jason查询student表
grantselecton student to jason;

--收回权限
revokecreatetableto jason;
revokeselecton student to jason;