sp_adduser

Transact-SQL Reference

Transact-SQL Reference

sp_adduser

Adds a security account for a new user in the current database. This procedure is included for backward compatibility. Use sp_grantdbaccess.

Syntax

sp_adduser [ @loginame = ] 'login'
    [ , [ @name_in_db = ] 'user' ]
    
[ , [ @grpname = ] 'group' ]

Arguments

[@loginame =] 'login'

Is the name of the user's login. login is sysname, with no default. login must be an existing Microsoft® SQL Server™ login or Microsoft Windows NT® user.

[@name_in_db =] 'user'

Is the name for the new user. user is sysname, with a default of NULL. If user is not specified, the name of the user defaults to the login name. Specifying user gives the new user a name in the database different from the login ID on SQL Server.

[@grpname =] 'group'

Is the group or role that the new user automatically becomes a member of. group is sysname, with a default of NULL. group must be a valid group or role in the current database. Microsoft SQL Server version 7.0 uses roles instead of groups.

Return Code Values

0 (success) or 1 (failure)

Remarks

SQL Server usernames can contain from 1 to 128 characters, including letters, symbols, and numbers. However, usernames cannot:

  • Contain a backslash character (\).

  • Be NULL, or an empty string ('').

After a user has been added, use the GRANT, DENY, and REVOKE statements to define the permissions controlling the activities performed by the user.

Use sp_helplogin to display a list of valid login names.

Use sp_helprole to display a list of the valid role names. When specifying a role, the user automatically gains the permissions that are defined for the role. If a role is not specified, the user gains the permissions granted to the default public role. To add a user to a role, a value for username must be supplied (username can be the same as login_id.)

To access a database, a login must be granted access by using sp_adduser or sp_grantdbaccess, or the guest security account must exist in the database.

sp_adduser cannot be executed inside a user-defined transaction.

Permissions

Only the dbo and members of the sysadmin fixed server role can execute sp_adduser.

Examples
A. Add a user

This example adds the user Victoria to the existing fort_mudge role in the current database, using the existing login Victoria.

EXEC sp_adduser 'Victoria', 'Victoria', 'fort_mudge'
B. Add a username with the same login ID

This example adds the default username Margaret to the current database for the login Margaret, which belongs to the default public role.

EXEC sp_adduser 'Margaret'
C. Add a user who uses a different username

This example adds the Haroldq login to the current database with a username of Harold, which belongs to the fort_mudge role.

EXEC sp_adduser 'Haroldq', 'Harold', 'fort_mudge'

See Also

sp_addrole

sp_dropuser

sp_grantdbaccess

sp_grantlogin

sp_helpuser

System Stored Procedures