If the assembly permission set requires EXTERNAL_ACCESS, the login must also have EXTERNAL ACCESS ASSEMBLY permissions.

If the permission set requires UNSAFE, the login must be a member of the sysadmin fixed server role.

consolidating sql servers best practices-87

Unlike ALTER ANY DATABASE DDL EVENT NOTIFICATION, the user must own the database DDL event notification in order to drop it.

This grants or denies the ability to create a default.

This permission is granted implicitly to the db_ddladmin and db_owner fixed database roles.

I am new to SQL Server 2005/2008 having administered SQL Server 2000 and below.

I have heard there are a lot of new permissions at the database level.

What are they and what do they give rights to perform?SQL Server 2005 introduced a new concept to SQL Server security and permissions: securables.Securables are anything within SQL Server that can have a permission assigned. Below are the list of database-level permissions: This grants or denies the ability to create or drop services for service broker.The user also must have REFERENCES permissions for all queues and contracts specified for the service.The db_ddladmin fixed database role has this permission implicitly.This grants or denies the ability to create or drop an assembly within a SQL Server database.