sa role

I am setting up security on a new SQL Server. In the Server Role I do not want anyone to have any permissions. However, I find that the default is the public role and that allows for Connect sa permission. Can some  please explain this to me. I know that sa is sequel authentication, but how does that effect server role security. In other words when I choose properties on one of the user logins they (by default) get sa connection as a server role. What does this mean?
Thanks
SeTechAsked:
Who is Participating?
 
St3veMaxConnect With a Mentor Commented:
By default every account is made a member of the public role. If you change that to deny; should you need to connect with SA to correct some issue that's gone horribly wrong; you wont be able to.

I would leave those permissions alone as you dont really need to worry about those unless you give our the sa username and password for folks to connect with which I strongly advise against.

HTH
0
 
St3veMaxCommented:
'sa' is system administrator, a bit like Domain Admins in AD. It has control over everything.

You would NOT use this account for users to connect to, but you would create a new account (either Windows auth or SQL auth) and grant the permissions there.

HTH
0
 
SeTechAuthor Commented:
To be clear. i am looking in the Servers Role folder under Security in SSMS. In there are various roles, one of which is publc. Then when I check the properties of that role (public) it shows permission connect and grantor - sa. And that is the system administrator? And if yes I should change it to Deny. Because when I look into the properties of a login the default is public.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.