More Group Sites
Education Books
School Rankings
Jobless Net
Better Home
Enviro++
更好教育论坛
Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Share
Options
View
Go to last post Go to first unread
Shailesh Patangay  
#1 Posted : Thursday, February 13, 2014 2:11:02 PM(UTC)
Shailesh Patangay

Rank: Newbie

Reputation:

Groups: Member
Joined: 2/13/2014(UTC)
Posts: 1

Working on different projects, I frequently receive requests to ensure if the database users\logins have consistent permissions across Production\Test\UAT environments. In past I have used different methods such as SSIS and wizard to generating the user permissions but most of these approaches still require following considerations.
• What if the user already exists without the logins(orphan users)?
• What should happen when the user is associated to a schema?
• What should happen when there are users associated with multiple roles?

So, here by I have put something together using TSQL which would generate the users for a given database.
• Find the Server Logins Role Membership
• Find the Logins Server Level Permissions
• Analyse the permissions
• Create Database Schemas
• Create Custom Database Roles
• Add Members to Database Roles
• Create SQL Server Logins
• SQL Logins Granular Permissions

Note: Stored procedures sp_hexadecimal and sp_help_revlogin have been referred from following link. http://support.microsoft.com/kb/246133




USE [master]
GO
/****** Object: StoredProcedure [dbo].[sp_hexadecimal] Script Date: 30/07/2013 10:53:57 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE PROCEDURE [dbo].[sp_hexadecimal]
@binvalue varbinary(256),
@hexvalue varchar (514) OUTPUT
AS
DECLARE @charvalue varchar (514)
DECLARE @i int
DECLARE @length int
DECLARE @hexstring char(16)
SELECT @charvalue = '0x'
SELECT @i = 1
SELECT @length = DATALENGTH (@binvalue)
SELECT @hexstring = '0123456789ABCDEF'
WHILE (@i <= @length)
BEGIN
DECLARE @tempint int
DECLARE @firstint int
DECLARE @secondint int
SELECT @tempint = CONVERT(int, SUBSTRING(@binvalue,@i,1))
SELECT @firstint = FLOOR(@tempint/16)
SELECT @secondint = @tempint - (@firstint*16)
SELECT @charvalue = @charvalue +
SUBSTRING(@hexstring, @firstint+1, 1) +
SUBSTRING(@hexstring, @secondint+1, 1)
SELECT @i = @i + 1
END

SELECT @hexvalue = @charvalue

GO

USE [master]
GO
/****** Object: StoredProcedure [dbo].[sp_help_revlogin] Script Date: 30/07/2013 10:53:36 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE PROCEDURE [dbo].[sp_help_revlogin] @login_name sysname = NULL AS
DECLARE @name sysname
DECLARE @type varchar (1)
DECLARE @hasaccess int
DECLARE @denylogin int
DECLARE @is_disabled int
DECLARE @PWD_varbinary varbinary (256)
DECLARE @PWD_string varchar (514)
DECLARE @SID_varbinary varbinary (85)
DECLARE @SID_string varchar (514)
DECLARE @tmpstr varchar (1024)
DECLARE @is_policy_checked varchar (3)
DECLARE @is_expiration_checked varchar (3)

DECLARE @defaultdb sysname

IF (@login_name IS NULL)
DECLARE login_curs CURSOR FOR

SELECT p.sid, p.name, p.type, p.is_disabled, p.default_database_name, l.hasaccess, l.denylogin FROM
sys.server_principals p LEFT JOIN sys.syslogins l
ON ( l.name = p.name ) WHERE p.type IN ( 'S', 'G', 'U' ) AND p.name <> 'sa'
ELSE
DECLARE login_curs CURSOR FOR


SELECT p.sid, p.name, p.type, p.is_disabled, p.default_database_name, l.hasaccess, l.denylogin FROM
sys.server_principals p LEFT JOIN sys.syslogins l
ON ( l.name = p.name ) WHERE p.type IN ( 'S', 'G', 'U' ) AND p.name = @login_name
OPEN login_curs

FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @type, @is_disabled, @defaultdb, @hasaccess, @denylogin
IF (@@fetch_status = -1)
BEGIN
PRINT 'Print ''No login(s) found.'''
CLOSE login_curs
DEALLOCATE login_curs
RETURN -1
END
SET @tmpstr = '/* sp_help_revlogin script '
PRINT @tmpstr
SET @tmpstr = '** Generated ' + CONVERT (varchar, GETDATE()) + ' on ' + @@SERVERNAME + ' */'
PRINT @tmpstr
PRINT ''
WHILE (@@fetch_status <> -1)
BEGIN
IF (@@fetch_status <> -2)
BEGIN
PRINT ''
SET @tmpstr = '-- Login: ' + @name
PRINT @tmpstr
IF (@type IN ( 'G', 'U'))
BEGIN -- NT authenticated account/group

SET @tmpstr = 'CREATE LOGIN ' + QUOTENAME( @name ) + ' FROM WINDOWS WITH DEFAULT_DATABASE = [' + @defaultdb + ']'
END
ELSE BEGIN -- SQL Server authentication
-- obtain password and sid
SET @PWD_varbinary = CAST( LOGINPROPERTY( @name, 'PasswordHash' ) AS varbinary (256) )
EXEC sp_hexadecimal @PWD_varbinary, @PWD_string OUT
EXEC sp_hexadecimal @SID_varbinary,@SID_string OUT

-- obtain password policy state
SELECT @is_policy_checked = CASE is_policy_checked WHEN 1 THEN 'ON' WHEN 0 THEN 'OFF' ELSE NULL END FROM sys.sql_logins WHERE name = @name
SELECT @is_expiration_checked = CASE is_expiration_checked WHEN 1 THEN 'ON' WHEN 0 THEN 'OFF' ELSE NULL END FROM sys.sql_logins WHERE name = @name

SET @tmpstr = 'CREATE LOGIN ' + QUOTENAME( @name ) + ' WITH PASSWORD = ' + @PWD_string + ' HASHED, SID = ' + @SID_string + ', DEFAULT_DATABASE = [' + @defaultdb + ']'

IF ( @is_policy_checked IS NOT NULL )
BEGIN
SET @tmpstr = @tmpstr + ', CHECK_POLICY = ' + @is_policy_checked
END
IF ( @is_expiration_checked IS NOT NULL )
BEGIN
SET @tmpstr = @tmpstr + ', CHECK_EXPIRATION = ' + @is_expiration_checked
END
END
IF (@denylogin = 1)
BEGIN -- login is denied access
SET @tmpstr = @tmpstr + '; DENY CONNECT SQL TO ' + QUOTENAME( @name )
END
ELSE IF (@hasaccess = 0)
BEGIN -- login exists but does not have access
SET @tmpstr = @tmpstr + '; REVOKE CONNECT SQL TO ' + QUOTENAME( @name )
END
IF (@is_disabled = 1)
BEGIN -- login is disabled
SET @tmpstr = @tmpstr + '; ALTER LOGIN ' + QUOTENAME( @name ) + ' DISABLE'
END
PRINT @tmpstr
END

FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @type, @is_disabled, @defaultdb, @hasaccess, @denylogin
END
CLOSE login_curs
DEALLOCATE login_curs
RETURN 0


GO

-- Drop existing temporary tables
Declare @DB_Name varchar(100)
Set @DB_Name = 'EnterTheDBName'

if exists(select * from tempdb.sys.tables where name like '#DatabaseSchemas%')
drop table tempdb.dbo.#DatabaseSchemas
if exists (select * from tempdb.sys.tables where name like '#GranularPermissions%')
drop table tempdb.dbo.#GranularPermissions
if exists(select * from tempdb.sys.tables where name like '#UserRolesMapping%')
drop table tempdb.dbo.#UserRolesMapping
if exists(select * from tempdb.sys.tables where name like '#DatabaseUsers%')
drop table tempdb.dbo.#DatabaseUsers
if exists(select * from tempdb.sys.tables where name like '#ServerLogins%')
drop table tempdb.dbo.#ServerLogins
if exists(select * from tempdb.sys.tables where name like '#ServerLoginsRole%')
drop table tempdb.dbo.#ServerLoginsRole
if exists(select * from tempdb.sys.tables where name like '#ServerLoginsGranularPermissions%')
drop table tempdb.dbo.#ServerLoginsGranularPermissions

DECLARE cur_dbnames CURSOR FOR
SELECT name
FROM sys.databases where name not in ( 'msdb','master','tempdb', 'model')
and name not like 'ING%Session%'
and state_desc = 'online'
and name = @DB_Name
order by name


declare @SQL varchar(4000)
declare @DBName varchar(4000)



create table tempdb.dbo.#DatabaseSchemas
(
DatabaseName varchar(500) null,
SchemaName varchar(500) null,
AuthorizedPrincipal varchar(500) null,
SQLCreateSchema varchar(4000) null,
SQLCreateSchemaScript varchar(4000) null
)


create table tempdb.dbo.#GranularPermissions
(
DatabaseName varchar(500) null,
PrincipalName varchar(500) null,
PrincipalType varchar(500) null,
[Permissions] varchar(500) null,
SchemaName varchar(500) null,
ObjectsName varchar(500) null,
SQLGrantObjectsPermission varchar(4000) null,
SQLGrantObjectsPermissionScript varchar(4000) null
)


create table tempdb.dbo.#UserRolesMapping
(
DatabaseName varchar(500) null,
RoleName varchar(500) null,
UserName varchar(500) null,
SQLCreateUserRole varchar(500) null,
SQLCreateUserRoleScript varchar(500) null,
SQLAddRolemember varchar(500) null,
SQLAddRolememberScript varchar(500) null
)


create table tempdb.dbo.#DatabaseUsers
(
DatabaseName varchar(500) null,
LoginName varchar(500) null,
UserName varchar(500) null,
SQLCreateUser varchar(2000) null,
SQLCreateUserScript varchar(2000) null
)

-- Server Logins
create table tempdb.dbo.#ServerLogins
(
ServerName varchar(500) null,
LoginName varchar(500) null,
LoginType varchar(500) null,
SQLCreateLogin varchar(2000) null,
SQLCreateLoginScript varchar(2000) null
)


create table tempdb.dbo.#ServerLoginsRole
(
ServerName varchar(500) null,
LoginName varchar(500) null,
LoginType nvarchar(60) null,
ServerRoleName varchar(500) null,
SQLAddServerRole varchar(2000) null,
SQLAddServerRoleScript varchar(2000) null
)



create table tempdb.dbo.#ServerLoginsGranularPermissions
(
ServerName varchar(500) null,
LoginName varchar(500) null,
PermissionName varchar(400) null,
PermissionDesc varchar(500) null,
SQLLogins#GranularPermissions varchar(2000) null,
SQLLogins#GranularPermissionsScript varchar(2000) null
)



OPEN cur_dbnames
FETCH NEXT FROM cur_dbnames INTO @DBName

WHILE @@Fetch_status = 0
BEGIN
-- Find the Schemas and Authorization

set @SQL = 'use ' + @DBName + '
DECLARE @ls_crlf char(2)
SET @ls_crlf = CHAR(13) + CHAR(10)
insert into tempdb.dbo.#DatabaseSchemas
select DB_Name() as DatabaseName, scm.name as SchemaName, dp.name as AuthorisedPrincipal,
''Use '' + DB_Name() + @ls_crlf + ''GO'' + @ls_crlf + ''if (SCHEMA_ID('' + '''''''' + scm.name + '''''''' + '') IS NULL)'' + @ls_crlf +
''Exec('' + '''''''' + ''Create Schema ['' + scm.name + ''] AUTHORIZATION ['' + dp.name + '']'''''' + '')'' + @ls_crlf + ''GO'' as SQLCreateSchema,
''if (SCHEMA_ID('' + '''''''' + scm.name + '''''''' + '') IS NULL)'' + @ls_crlf + ''Exec('' + '''''''' + ''Create Schema ['' + scm.name + '']
AUTHORIZATION ['' + dp.name + '']'''''' + '');'' + @ls_crlf as SQLCreateSchemaScript
from sys.Schemas scm inner join sys.database_principals dp on scm.principal_id = dp.principal_id
where scm.name not in (''dbo'', ''guest'', ''INFORMATION_SCHEMA'', ''sys'') and schema_id < 16384'

execute(@SQL)

-- Find the Granular Permissions

set @SQL = 'use ' + @DBName + '
DECLARE @ls_crlf char(2)
SET @ls_crlf = CHAR(13) + CHAR(10)
insert into tempdb.dbo.#GranularPermissions
select DB_Name(), Principal.[name] As PrincipalName , case when Principal.type in (''S'', ''U'', ''G'') then ''DatabaseUser''
when Principal.type =''R'' then ''DatabaseRole''
when Principal.type =''A'' then ''AppRole''
when Principal.type =''C'' then ''UserMappedToCertificate''
when Principal.type =''K'' then ''UserMappedToAsymmetricKey'' end as PincipalType,
prm.permission_name as Permission,
case when class = 1 then OBJECT_SCHEMA_NAME(major_id)
when class = 3 then Schema_Name(major_id)
when class = 0 then null end as SchemaName,
case when class = 1 then OBJECT_NAME(major_id)
else null end as ObjectName,
case when prm.class = 0 then ''Use '' + DB_Name() + @ls_crlf + ''GO '' + @ls_crlf + ''Grant '' + permission_name + '' To '' + ''['' + USER_NAME(grantee_principal_id) + '']'' + @ls_crlf + ''GO'' + @ls_crlf
when class = 1 then ''Use '' + DB_Name() + @ls_crlf + ''GO '' + @ls_crlf + ''Grant '' + permission_name + '' ON ['' + OBJECT_SCHEMA_NAME(major_id) + ''].['' + OBJECT_NAME(major_id) + ''] TO '' + ''['' + USER_NAME(grantee_principal_id) + '']'' + @ls_crlf + ''GO'' + @ls_crlf
when class = 3 then ''Use '' + DB_Name() + @ls_crlf + ''GO '' + @ls_crlf + state_desc + '' '' + permission_name + '' ON '' + ''SCHEMA::['' + Schema_Name(major_id) + ''] TO ['' + USER_NAME
(grantee_principal_id) + '']'' + @ls_crlf + ''GO'' + @ls_crlf end as SQL,
case when class = 0 then ''Grant '' + permission_name + '' To '' + ''['' + USER_NAME(grantee_principal_id) + ''];'' + @ls_crlf
when class = 1 then ''Grant '' + permission_name + '' ON ['' + OBJECT_SCHEMA_NAME(major_id) + ''].['' + OBJECT_NAME(major_id) + ''] TO '' + ''['' + USER_NAME(grantee_principal_id) + ''];'' + @ls_crlf
when class = 3 then state_desc + '' '' + permission_name + '' ON '' + ''SCHEMA::['' + Schema_Name(major_id) + ''] TO ['' + USER_NAME (grantee_principal_id) + ''];'' + @ls_crlf + @ls_crlf end
as SQLScript
from sys.database_permissions prm join sys.database_Principals Principal on prm.grantee_principal_id = Principal.principal_id
where Principal.[name] not in (''RSExecRole'', ''dbo'', ''guest'', ''INFORMATION_SCHEMA'', ''sys'', ''##MS_PolicyEventProcessingLogin##'',
''##MS_AgentSigningCertificate##'' ) --- Filter the System users and is_fixed_role <> 1 -- Filter the fixed database roles
and prm.permission_name <> ''CONNECT'' -- Ignore the default Connect Permissions for all users '


execute(@SQL)

-- Find the Role Members

set @SQL = 'use ' + @DBName + '
DECLARE @ls_crlf char(2)
SET @ls_crlf = CHAR(13) + CHAR(10)
insert into tempdb.dbo.#UserRolesMapping
SELECT DB_Name() as DatabaseName, roles.name as RoleName , users.name as UserName,
case when roles.type_desc = ''Database_role'' and roles.principal_id < 16384 then ''Use '' + DB_Name() + @ls_crlf + ''GO '' + @ls_crlf +
''if not exists (select * from sys.database_principals where name = '' + '''''''' + roles.name + '''''''' + '' )'' + @ls_crlf +
''CREATE ROLE ['' + roles.name + '']'' + @ls_crlf + ''GO '' + @ls_crlf else '''' end as SQLCreateUserRole, case when roles.type_desc = ''Database_role'' and roles.principal_id < 16384 then
''if not exists (select * from sys.database_principals where name = '' + '''''''' + roles.name + '''''''' + '' )'' + @ls_crlf +
''CREATE ROLE ['' + roles.name + ''];'' + @ls_crlf else '''' end as SQLCreateUserRoleScript, SQLAddRolemember = ''Use '' + DB_Name() + @ls_crlf + ''GO '' + @ls_crlf +
''EXEC [sp_addrolemember] '' + ''['' + roles.name + ''], ['' + users.name + ''] '' + @ls_crlf + ''GO '' + @ls_crlf,
SQLAddRolememberScript = ''EXEC [sp_addrolemember] '' + ''['' + roles.name + ''], ['' + users.name + '']; '' + @ls_crlf
from sys.database_principals users inner join sys.database_role_members link on link.member_principal_id = users.principal_id
inner join sys.database_principals roles on roles.principal_id = link.role_principal_id
Where users.name != ''dbo'' -- Ignore dbo user
order by DatabaseName'


execute(@SQL)

--Find the Users

set @SQL = 'use ' + @DBName + '
DECLARE @ls_crlf char(2)
SET @ls_crlf = CHAR(13) + CHAR(10)
insert into tempdb.dbo.#DatabaseUsers
select DB_Name(), logins.name, users.name,
''Use '' + DB_Name() + @ls_crlf + ''GO'' + @ls_crlf +
''if not exists (select * from sys.database_principals where name = '' + '''''''' + users.name + '''''''' + '') '' + @ls_crlf +
''CREATE USER ['' + users.name + ''] FOR LOGIN ['' + logins.name + ''] '' + case when users.type <> ''G'' then '' WITH DEFAULT_SCHEMA=['' + users.default_schema_name else ''''
end + '']'' + @ls_crlf + ''GO'' + @ls_crlf as SQLCreateUser,
''if not exists (select * from sys.database_principals where name = '' + '''''''' + users.name + '''''''' + '') '' + @ls_crlf +
''CREATE USER ['' + users.name + ''] FOR LOGIN ['' + logins.name + ''] '' + case when users.type <> ''G'' then '' WITH DEFAULT_SCHEMA=['' + users.default_schema_name else ''''
end + ''];'' + @ls_crlf as SQLCreateUserScript
from sys.server_principals logins inner join sys.database_principals users on logins.sid = users.sid where users.type in ( ''S'', ''U'', ''G'') --Windows, Group ab SQL Users
and users.principal_id > 4'

execute(@SQL)
FETCH NEXT FROM cur_dbnames INTO @DBName
END
CLOSE cur_dbnames
DEALLOCATE cur_dbnames

DECLARE @ls_crlf char(2)
SET @ls_crlf = CHAR(13) + CHAR(10)
-- Find the Server Logins
insert into tempdb.dbo.#ServerLogins
select
@@ServerName as ServerName
, p.name as LoginName
, type_desc as LoginType
, 'Use [Master] ' + @ls_crlf + 'GO' + @ls_crlf +
'if not exists (select name from sys.Server_principals where name = ' + '''' + p.name + '''' + ') ' + @ls_crlf +
case when type = 'S' then 'CREATE LOGIN [' + p.name + '] WITH PASSWORD=N' + '''' + '4UxUb4Gu' + '''' + ', DEFAULT_DATABASE=[' + default_database_name + '], DEFAULT_LANGUAGE=[' + default_language_name + '], CHECK_EXPIRATION=OFF, CHECK_POLICY=ON ' + @ls_crlf + 'GO'
when type in ('G', 'U') then 'CREATE LOGIN [' + p.name + '] FROM WINDOWS WITH DEFAULT_DATABASE=[' + default_database_name + '], DEFAULT_LANGUAGE=[' + default_language_name + '] '
end as SQLCreateLogin,
'if not exists (select name from sys.Server_principals where name = ' + '''' + p.name + '''' + ') ' + @ls_crlf +
case when type = 'S' then 'CREATE LOGIN [' + p.name + '] WITH PASSWORD=N' + '''' + '4UxUb4Gu' + '''' + ', DEFAULT_DATABASE=[' + default_database_name + '], DEFAULT_LANGUAGE=[' + default_language_name + '], CHECK_EXPIRATION=OFF, CHECK_POLICY=ON; ' + @ls_crlf
when type in ('G', 'U') then 'CREATE LOGIN [' + p.name + '] FROM WINDOWS WITH DEFAULT_DATABASE=[' + default_database_name + '], DEFAULT_LANGUAGE=[' + default_language_name + ']; ' + @ls_crlf + @ls_crlf
end as SQLCreateLoginScript
from
sys.server_principals p
INNER JOIN sysusers su on p.sid = su.sid
where
is_disabled <> 1
and type in ('S', 'G', 'U')
and p.name not in ('sa', 'dba')
and p.name not like 'NT Service%'
and p.name not like 'NT Authority%'
order by
type_desc, p.name

-- Find the Server Logins Role Membership

insert into tempdb.dbo.#ServerLoginsRole
SELECT
@@ServerName as ServerName
, p.name as LoginName
, p.type_desc as LoginType
, r.name as [ServerRoleName]
, 'Use [master] ' + @ls_crlf + 'Go' + @ls_crlf + 'ALTER SERVER ROLE [' + r.name + '] ADD MEMBER [' + p.name + '] ' as SQLAddServerRole,
'ALTER SERVER ROLE [' + r.name + '] ADD MEMBER [' + p.name + ']; ' + @ls_crlf as SQLAddServerRoleScript
FROM
sys.server_principals r
INNER JOIN sys.server_role_members m ON r.principal_id = m.role_principal_id
INNER JOIN sys.server_principals p ON p.principal_id = m.member_principal_id
where
p.name not like 'NT Service%'
and p.name not like 'NT Authority%'
and p.name not in ('sa', 'dba')
order by p.name

-- Find the Logins Server Level Permissions

insert into tempdb.dbo.#ServerLoginsGranularPermissions
SELECT
@@ServerName as ServerName
, p.name as LoginName
, sp.permission_name as PermissionName
, sp.state_desc as PermissionDesc
, 'Use [Master]' + @ls_crlf + 'Go' + @ls_crlf + state_desc + ' ' + permission_name + ' To [' + p.name COLLATE DATABASE_DEFAULT + ']' + @ls_crlf + 'Go' as SQLLogins#GranularPermissions,
state_desc + ' ' + permission_name + ' To [' + p.name COLLATE DATABASE_DEFAULT + '];' + @ls_crlf + @ls_crlf as SQLLogins#GranularPermissionsScript
FROM
sys.server_principals p
INNER JOIN sys.server_permissions sp ON p.principal_id = sp.grantee_principal_id
where
p.type in ('S', 'U', 'G')
and p.name not like '##MS_Policy%'
and p.name not like 'NT Service%'
and p.name not like 'NT Authority%'
and p.name not in ('sa')
and permission_name <> 'CONNECT SQL'

-- Analyse the permissions

-- Create Database Schemas
select
DatabaseName
, SchemaName
, AuthorizedPrincipal
, SQLCreateSchemaScript
from
tempdb.dbo.#DatabaseSchemas
order by 1, 2, 3

-- Add Granular Permissions to Database Users/Roles
select
DatabaseName
, PrincipalName
, PrincipalType
, [Permissions]
, SchemaName
, ObjectsName
, SQLGrantObjectsPermissionScript
from
tempdb.dbo.#GranularPermissions
order by
1, 2, 3, 4,5,6

--Create Custom Database Roles
select
distinct DatabaseName
, RoleName
, SQLCreateUserRoleScript
from
tempdb.dbo.#UserRolesMapping
where
SQLCreateUserRole <> ''
order by 1, 2, 3

-- Add Members to Database Roles
select
DatabaseName
, RoleName
, SQLAddRolememberScript
from
tempdb.dbo.#UserRolesMapping
order by 1, 2, 3

-- Create Database Users
select
DatabaseName
, LoginName
, UserName
, SQLCreateUserScript
from
tempdb.dbo.#DatabaseUsers
order by 1, 2,3

--Create SQL Server Logins
select
ServerName
, LoginName
, LoginType
, SQLCreateLoginScript
from
tempdb.dbo.#ServerLogins

-- Add Member Logins to SQL Server Roles
select
ServerName
, LoginName
, LoginType
, ServerRoleName
, SQLAddServerRoleScript
from
tempdb.dbo.#ServerLoginsRole

--SQL Logins Granular Permissions
select
ServerName
, LoginName
, PermissionName
, PermissionDesc
, SQLLogins#GranularPermissionsScript
from
tempdb.dbo.#ServerLoginsGranularPermissions
Sponsor
Rss Feed  Atom Feed
Users browsing this topic
Guest
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.