sp_denylogin (Transact-SQL)

Applies to: SQL Server

Prevents a Windows user or Windows group from connecting to an instance of SQL Server.

Important

This feature will be removed in a future version of SQL Server. Avoid using this feature in new development work, and plan to modify applications that currently use this feature. Use ALTER LOGIN instead.

Transact-SQL syntax conventions

Syntax

  
sp_denylogin [ @loginame = ] 'login'   

Arguments

[ @loginame = ] 'login_ ' Is the name of a Windows user or group. login is sysname, with no default.

Return Code Values

0 (success) or 1 (failure)

Remarks

sp_denylogin denies CONNECT SQL permission to the server-level principal mapped to the specified Windows user or Windows group. If the server principal does not exist, it will be created. The new principal will be visible in the sys.server_principals (Transact-SQL) catalog view.

sp_denylogin cannot be executed within a user-defined transaction.

Permissions

Requires membership in the sysadmin fixed server role.

Examples

The following example shows how to use sp_denylogin to prevent Windows user CORPORATE\GeorgeV from connecting to the server.

EXEC sp_denylogin 'CORPORATE\GeorgeV';  

See Also

sp_grantlogin (Transact-SQL)
Security Stored Procedures (Transact-SQL)
ALTER LOGIN (Transact-SQL)
System Stored Procedures (Transact-SQL)