Hi Folks,
In this article we are going How to List SQL Script to find the Roles assigned to the SQL Logins including Create_data and modify_date.
In this post we are going to discuss following points:
- Problem Statement of SQL Script:
- Description of SQL Script:
- SQL Script Output Column
- SQL Script Code
- SQL Script Output Screenshot
- User Level to execute
Problem Statement of SQL Script:
How to List SQL Script to find the Roles assigned to the SQL Logins including Create_data and modify_date ?
Description of SQL Script:
This script will Gives the Login information.
SQL Script Output Column
SQL Script Code
SET XACT_ABORT OFF; SET NOCOUNT ON; DECLARE @principals TABLE ( PRIMARY KEY ( principal_type ,principal_name ,member_name ) ,principal_type VARCHAR(180) NOT NULL ,principal_name VARCHAR(180) NOT NULL ,member_name VARCHAR(180) NOT NULL ,create_date DATETIME NULL ,modify_date DATETIME NULL ,admin_role_desc VARCHAR(180) NULL ,logininfo_note VARCHAR(8000) NULL ); -- insert all accounts and groups into result: INSERT INTO @principals SELECT type_desc ,NAME ,'-' AS member_name ,create_date ,modify_date ,( CASE is_srvrolemember('sysadmin', NAME) WHEN 1 THEN 'sysadmin|' ELSE NULL END + CASE is_srvrolemember('securityadmin', NAME) WHEN 1 THEN 'securityadmin|' ELSE NULL END + CASE is_srvrolemember('serveradmin', NAME) WHEN 1 THEN 'serveradmin|' ELSE NULL END + CASE is_srvrolemember('setupadmin', NAME) WHEN 1 THEN 'setupadmin|' ELSE NULL END + CASE is_srvrolemember('processadmin', NAME) WHEN 1 THEN 'processadmin|' ELSE NULL END + CASE is_srvrolemember('diskadmin', NAME) WHEN 1 THEN 'diskadmin|' ELSE NULL END + CASE is_srvrolemember('dbcreator', NAME) WHEN 1 THEN 'dbcreator|' ELSE NULL END + CASE is_srvrolemember('bulkadmin', NAME) WHEN 1 THEN 'bulkadmin|' ELSE NULL END ) AS admin_role_desc ,NULL AS logininfo_note FROM sys.server_principals; DECLARE @admin_groups TABLE ( PRIMARY KEY ( group_type ,group_name ) ,group_type VARCHAR(180) NOT NULL ,group_name VARCHAR(180) NOT NULL ); DECLARE @logininfo TABLE ( PRIMARY KEY ( account_name ,permission_path ) ,account_name VARCHAR(180) NOT NULL ,type VARCHAR(180) NULL ,privilege VARCHAR(180) NULL ,mapped_login_name VARCHAR(180) NULL ,permission_path VARCHAR(180) NOT NULL ); -- For each domain group with admin privilages, -- insert one record for each of it's member accounts into the result: DECLARE @group_type VARCHAR(180) ,@group_name VARCHAR(180); SELECT @group_type = '*' ,@group_name = '*'; WHILE @group_name IS NOT NULL BEGIN SELECT @group_type = NULL ,@group_name = NULL; SELECT TOP 1 @group_type = principal_type ,@group_name = principal_name FROM @principals WHERE principal_type IN ('windows_group') AND member_name = '-' AND admin_role_desc IS NOT NULL AND principal_name NOT IN ( SELECT group_name FROM @admin_groups ); IF @group_name IS NOT NULL BEGIN INSERT @admin_groups VALUES ( @group_type ,@group_name ); BEGIN TRY DELETE FROM @logininfo; INSERT INTO @logininfo EXEC master..xp_logininfo @group_name ,'members'; -- Update number of members for group to logininfo_note: UPDATE @principals SET logininfo_note = 'xp_logininfo returned ' + cast( @@rowcount AS VARCHAR(9)) + ' members.' WHERE principal_type IN ('windows_group' ) AND principal_name = @group_name AND member_name = '-'; END TRY BEGIN CATCH UPDATE @principals SET logininfo_note = 'xp_logininfo returned error ' + cast(error_number() AS VARCHAR(9)) WHERE principal_type IN ('windows_group' ) AND principal_name = @group_name AND member_name = '-'; END CATCH -- For each group member, insert a record into the result: INSERT INTO @principals SELECT @group_type AS principal_type ,@group_name AS principal_name ,account_name AS member_name ,NULL AS create_date ,NULL AS modify_date ,( SELECT admin_role_desc FROM @principals WHERE principal_type = @group_type AND principal_name = @group_name AND member_name = '-' ) AS admin_role_desc ,NULL AS logininfo_note FROM @logininfo; -- For each group member that is a group, -- insert a record of type 'WINDOWS_GROUP' into the result: INSERT INTO @principals SELECT 'WINDOWS_GROUP' AS principal_type ,account_name AS principal_name ,'-' AS member_name ,NULL AS create_date ,NULL AS modify_date ,( SELECT admin_role_desc FROM @principals WHERE principal_type = @group_type AND principal_name = @group_name AND member_name = '-' ) AS admin_role_desc ,NULL AS logininfo_note FROM @logininfo WHERE type = 'group' AND NOT EXISTS ( SELECT 1 FROM @principals WHERE principal_type = 'WINDOWS_GROUP' AND principal_name = account_name AND member_name = '-' ); END; END; SELECT principal_type ,principal_name ,logininfo_note ,member_name ,create_date ,modify_date ,admin_role_desc FROM @principals WHERE admin_role_desc IS NOT NULL ORDER BY principal_type ,principal_name ,member_name;
SQL Script Output Screenshot
User Level to execute
300
Hope you will like How to List SQL Script to find the Roles assigned to the SQL Logins including Create_data and modify_date.
If you really like reading my blog and understood at least few thing then please don’t forget to subscribe my blog.
If you want daily link and analysis or interesting link go to following website which will give @ your inbox please subscribe our following link resource blog :
For More information related to BI World visit my Mentalist Blog
SQL Server Mentalist >> SQL Learning Blog
Business Intelligence Mentalist >> BI World
Infographic Mentalist >> Image worth explaining thousand Words
Microsoft Mentalist >> MVC,ASP.NET, WCF & LinQ
DBA Mentalist >>Advance SQL Server Blog
Microsoft BI Mentalist >> MS BI Development Update
Connect With me on
Filed under: Link, Microsoft SQL Server, MSBI, Optimization, Query, Script, SQL Mentalist, SQL PraRup, SQL Query, SQL Server, SQL Tricks, Technology,, TSQL, Vishal Pawar Tagged: DBA, Fast SQL, Microsoft SQL Server, SQL Help, SQL Mentalist, SQL Script, SQL Server, SQL Server 2008 R2, SQL Server 2012, SQL tips, SQL Tricks, TSQL, Vishal Pawar
