| Server Role |
Description |
| bulkadmin |
Members can run the BULK INSERT statement. Membership in this role still requires that non-sysadmin users have access to the object being updated. |
| dbcreator |
Members can create, alter, drop, and restore any database. |
| diskadmin |
This role is used for managing disk files. Most of the capabilities relate to add ing and removing backup devices. |
| processadmin |
Members can terminate processes that are running in an instance of SQL Server. This role is useful if you want to give someone the ability to kill a long-running query or an orphaned connection. |
| public |
All valid SQL Server logins are members of the public role. |
| securityadmin |
Members can manage logins and their properties. They can GRANT, DENY, and REVOKE server-level permissions as well as database-level permissions. They can also reset passwords for SQL Server logins. This role has no rights to assign database permissions. If you want securityadmin members to be able to do this, you must make their logins part of the db_accessadmin fixed database role for the specific database. |
| serveradmin |
Members can change server-wide configuration options and shut down the server. |
| setupadmin |
Members can add and remove linked servers and also execute some system stored procedures. |
| sysadmin |
Members can perform any activity on the server. By default, all members of the Windows BUILTIN/Administrators group, the local administrator's group, are members of the sysadmin fixed server role. The SQL Server service account is also a member of this role. |