No one should be authorized at server level on instance except DBAs.
In some cases, as an exception, you may be granted some users through user defined roles at server level. But I wouldn’t advise you to do that unless you have to. If you authorize others on Instance, you cannot know if any errors that may occur are due to an action that these users make.
In addition, for security purposes, you do not want to share the responsibility of a system you manage with anyone.
Especially, sysadmin authorization should only be given to DBAs.
With the help of the script below, you can find out which user is authorized at the server level.
1 2 3 4 |
select p_role.name, p_member.name from sys.server_role_members srm join sys.server_principals p_role on p_role.principal_id=srm.role_principal_id join sys.server_principals p_member on p_member.principal_id=srm.member_principal_id |