DatabaseRole Object (SQL-DMO)

The DatabaseRole object represents the properties of a single Microsoft® SQL Server™ database role.

Remarks

SQL Server database roles establish groups of users with similar security attributes. Database permissions can be granted by role, simplifying database security planning and administration. With the DatabaseRole object, you can:

• Create a SQL Server database role.
• Administer an existing SQL Server database role by adding or dropping role members.

The Name property of a DatabaseRole object uses the SQL Server data type sysname.

To create a SQL Server database role

1. Create a DatabaseRole object.
2. Set the Name property.
3. If creating a SQL Server application role, set the AppRole property to TRUE. Set the Password property on the application role (optional).
4. Add the DatabaseRole object to the DatabaseRoles collection of a connected Database object.
5. Add members to the DatabaseRole. Members can be drawn from the Name property of User objects in the Users collection of the Database object.

After creating the new SQL Server database role, you can use the Grant and Deny methods of the Database, StoredProcedure, Table, and View objects to set permissions for the new SQL Server database role.

To administer an existing SQL Server database role

1. Get the DatabaseRole object that references the SQL Server database role from the DatabaseRoles collection of a connected SQLServer Database object.
2. Use the AddMember or DropMember method to add or remove a specified user. SQL-DMO applies the changes to the SQL Server database role as you make them.

Methods

Properties

See Also

Application Security and Application Roles