Guest Permissions on User Databases

APPLIES TO: yesSQL Server noAzure SQL Database noAzure Synapse Analytics (SQL DW) noParallel Data Warehouse

This rule determines whether the guest user has permission to access the database. This rule applies to user databases only.

Best Practices Recommendations

Revoke the guest user permission to access the database if it is not required.

The guest user cannot be dropped, but guest user can be disabled by revoking its CONNECT permission by executing REVOKE CONNECT FROM GUEST within any database other than master, tempdb, or msdb.

For More Information

Securing SQL Server

See Also

Monitor and Enforce Best Practices by Using Policy-Based Management