By default, only the System Administrator has create database permission. The System Administrator can grant permission to use the create database command. However, in many installations, the System Administrator maintains a monopoly on create database permission to centralize control of database placement and database device allocation. In these situations, the System Administrator creates new databases on behalf of other users and then transfers ownership to the appropriate user(s).
To create a database and transfer ownership to another user, the System Administrator:
Issues the create database command.
Switches to the new database with the use database command.
Executes sp_changedbowner, as described in “Changing database ownership”.
When a System Administrator grant permission to create databases, the user that receives the permission must also be a valid user of the master database, since all databases are created while using master.
The fact that System Administrators seem to operate outside the protection system serves as a safety precaution. For example, if a Database Owner forgets his or her password or accidentally deletes all entries in sysusers, a System Administrator can repair the damage using the backups or dumps that are made regularly.
Permission alter database or drop database defaults to the Database Owner, and permission is automatically transferred with database ownership. alter database and drop database permission cannot be changed with grant or revoke.
