Server public Permissions

THIS TOPIC APPLIES TO: yesSQL ServernoAzure SQL DatabasenoAzure SQL Data Warehouse noParallel Data Warehouse

This rule determines whether the public server role has server permissions. Every login that is created on the server is a member of the public server role. If this condition is met, every login on the server will have server permissions.

Best Practices Recommendations

Do not grant server permissions to the server public role.

Important

After setup completes the PUBLIC role has CONNECT permission on all the endpoints except the Dedicated Admin Connection. This is normal and should not be normally changed. (Access is controlled by using the CONNECT SQL permission which is automatically granted when new logins are created.)

For more information

Securing SQL Server