In SQL Server a server or database role can have an owner specified. Are you aware of the security implications of specifying a role owner? Read on to find out now.
The sys.database_permissions catalog view can be used to identify active database permissions that are defined in the current database. Read on to find out how to interpret the output of this catalog view.
Grantable grant are an easy way to delegate permission management. However, revoking a grantable grant can cause trouble. Read on to see how using roles in conjunction with grantable grants can alleviate that problem.
REVOKE and DENY are similar at first glance. However, DENY can be very powerful when used in the context of security principal hierarchies. Read on to get all the details.
Permission delegation does not work with database and server roles as you would expect. Instead of an automatic permission cascade, every role member needs to take additional actions to delegate successfully. Read on to get all the details.