What does "Grant Connect on Endpoint as [sa]" do?

Question

What does "Grant Connect on Endpoint as [sa]" do?

I went through the script generated by my Visual Studio Database project and found the following:

GRANT CONNECT
    ON ENDPOINT::[TSQL Default TCP] TO PUBLIC
    AS [sa];

I don't know what he is doing, but he seems to provide PUBLIC access as an SA (only by the way he reads).

Does anyone know what this is actually doing? ( Clearly, it provides some access through “ENDPOINT . ” But in plain English, what does it do?)

Just reading this, he tells me that anyone who connects via the TCP port can work as [sa]. (I hope this is not the case, but if it is, why did the Visual Studio DB Project do this?)

+5

sql sql-server tsql sql-server-2008 database-project

Vaccano Feb 20 '12 at 21:34

source share

1 answer

Remus Rusanu · Accepted Answer · 2012-02-20T23:28:17+0000

, GRANT : [PUBLIC] , [PUBLIC]. .

: AS [sa] , . - :

I, [sa], [TSQL Default TCP] [PUBLIC].

, , ( [PUBLIC]) [sa]. , . (.. ). , [PUBLIC] BUILTIN\Everyone ( BUILTIN\ANONYMOUS LOGIN ...) ( )... , NT, ( NT) SQL Server, - .

, , T-SQL [PUBLIC]:

select s.name as grantee, 
    e.name as endpoint,
    p.permission_name as permission,
    p.state_desc as state_desc
from sys.server_permissions p
join sys.server_principals s on s.principal_id = p.grantee_principal_id
join sys.endpoints e on p.major_id = e.endpoint_id
where p.type='CO'

What does "Grant Connect on Endpoint as [sa]" do?

More articles: