sp_adduser (Transact-SQL)

Adds a new user to the current database.

Important

This feature will be removed in a future version of Microsoft SQL Server. Avoid using this feature in new development work, and plan to modify applications that currently use this feature. Use CREATE USER instead.

Topic link icon Transact-SQL Syntax Conventions

Syntax

sp_adduser [ @loginame = ] 'login'  
    [ , [ @name_in_db = ] 'user' ] 
    [ , [ @grpname = ] 'role' ] 

Arguments

  • [ @loginame = ] 'login'
    Is the name of the SQL Server login or Windows login. login is a sysname, with no default. login must be an existing SQL Server login or Windows login.

  • [ @name_in_db = ] 'user'
    Is the name for the new database user. user is a sysname, with a default of NULL. If user is not specified, the name of the new database user defaults to the login name. Specifying user gives the new user a name in the database different from the server-level login name.

  • [ @grpname = ] 'role'
    Is the database role of which the new user becomes a member. role is sysname, with a default of NULL. role must be a valid database role in the current database.

Return Code Values

0 (success) or 1 (failure)

Remarks

sp_adduser will also create a schema that has the name of the user.

After a user has been added, use the GRANT, DENY, and REVOKE statements to define the permissions that control the activities performed by the user.

Use sys.server_principals to display a list of valid login names.

Use sp_helprole to display a list of the valid role names. When you specify a role, the user automatically gains the permissions that are defined for the role. If a role is not specified, the user gains the permissions granted to the default public role. To add a user to a role, a value for the user name must be supplied. (username can be the same as login_id.)

User guest already exists in every database. Adding user guest will enable this user, if it was previously disabled. By default, user guest is disabled in new databases.

sp_adduser cannot be executed inside a user-defined transaction.

You cannot add a guest user because a guest user already exists inside every database. To enable the guest user, grant guest CONNECT permission as shown:

GRANT CONNECT TO guest;
GO

Permissions

Requires ownership of the database.

Examples

A. Adding a database user

The following example adds the database user Vidur to the existing Recruiting role in the current database, using the existing SQL Server login Vidur.

EXEC sp_adduser 'Vidur', 'Vidur', 'Recruiting'

B. Adding a database user with the same login ID

The following example adds user Arvind to the current database for the SQL Server login Arvind. This user belongs to the default public role.

EXEC sp_adduser 'Arvind'

C. Adding a database user with a different name than its server-level login

The following example adds SQL Server login BjornR to the current database that has a user name of Bjorn, and adds database user Bjorn to the Production database role.

EXEC sp_adduser 'BjornR', 'Bjorn', 'Production'

See Also

Reference

Security Stored Procedures (Transact-SQL)

sys.server_principals (Transact-SQL)

sp_addrole (Transact-SQL)

CREATE USER (Transact-SQL)

sp_dropuser (Transact-SQL)

sp_grantdbaccess (Transact-SQL)

sp_grantlogin (Transact-SQL)

System Stored Procedures (Transact-SQL)