The user IDs can be added or removed using which of the following fixed roles?

2023

The user IDs can be added or removed using which of the following fixed roles?

  1. A.

    db_sysadmin

  2. B.

    db_accessadmin

  3. C.

    db_securityadmin

  4. D.

    More than one of the above

  5. E.

    None of the above

Attempted by 40 students.

Show answer & explanation

Correct answer: B

Concept

SQL Server provides built-in fixed database roles, each scoped to one administrative responsibility. Managing who is permitted to connect to a database — that is, adding or removing database access (user IDs) for logins — is the job of one specific role, separate from managing data, security objects, or server-level administration.

Applying it here

The phrase “add or remove user IDs” maps to managing a login’s access to the database. By definition, db_accessadmin members can add or remove database access for Windows logins, Windows groups, and SQL Server logins (for example via CREATE USER / DROP USER). So the role that adds or removes user IDs is db_accessadmin.

Contrast with the other roles

  • db_sysadmin — not a standard fixed database role; the powerful database-level role is db_owner, while sysadmin is a server-level (not database) role, so neither matches “add or remove user IDs”.

  • db_securityadmin — manages permissions and role membership (GRANT/DENY, adding members to roles), but does not add or remove the database users themselves.

  • “More than one of the above” — only a single listed role owns this responsibility, so this does not apply.

  • “None of the above” — incorrect, because a listed role (db_accessadmin) does have exactly this capability.

Result

The fixed role used to add or remove user IDs (database access) is db_accessadmin.

Explore the full course: Up Lt Grade Assistant Teacher 2025