sp_denylogin

Prevents a Microsoft® Windows NT® user or group from connecting to Microsoft SQL Server™.

Syntax

sp_denylogin [ @loginame = ] 'login'

Arguments

[@loginame =] 'login'

Is the name of the Windows NT user or group. login is sysname, with no default. If the Windows NT user or group does not exist in SQL Server, it is automatically added.

Return Code Values

0 (success) or 1 (failure)

Remarks

sp_denylogin can be used only with Windows NT accounts in the form Domain\User, for example London\Joeb. sp_denylogin cannot be used with SQL Server logins added with sp_addlogin.

Use sp_grantlogin to reverse the effects of sp_denylogin and allow the user to connect.

sp_denylogin cannot be executed within a user-defined transaction.

Permissions

Only members of the securityadmin or sysadmin fixed server roles can execute sp_denylogin.

Examples

This example prevents user Corporate\GeorgeW from logging in to SQL Server.

EXEC sp_denylogin 'Corporate\GeorgeW'

Or

EXEC sp_denylogin [Corporate\GeorgeW]

See Also

Denying Login Access to Windows NT Accounts

sp_grantlogin

sp_revokelogin

System Stored Procedures