Solved

T-sql I need an awesome script that pulls all permissions for user

Posted on 2013-02-06
1
311 Views
Last Modified: 2013-02-11
I need a query that will tell me if a user is part of another usergroup.. For example there may be a user group called "dq\analyst" and in this group there are 3 users.. I have a user named    "dg\rep1" and I somehow they can not login to a database even after giving them select permissions. I think they are a part of a group like "dq\analyst" that has been denied access to that database.. I have sooo many of these user groups and I dont know which group they could be a part of..Maybe I need a script that tells me which groups have been denied access.
0
Comment
Question by:cheryl9063
1 Comment
 
LVL 9

Accepted Solution

by:
selva_kongu earned 500 total points
ID: 38862813
try this script

SELECT [UserName] = ulogin.[name],
       [UserType]             = CASE princ.[type]
                         WHEN 'S' THEN 'SQL User'
                         WHEN 'U' THEN 'Windows User'
                         WHEN 'G' THEN 'Windows Group'
                    END,
       [DatabaseUserName]     = princ.[name],
       [Role]                 = NULL,
       [PermissionState]      = perm.[state_desc],
       [PermissionType]       = perm.[permission_name],
       [ObjectType]           = CASE perm.[class]
                           WHEN 1 THEN obj.type_desc -- Schema-contained objects
                           ELSE perm.[class_desc] -- Higher-level objects
                      END,
       [ObjectName]           = CASE perm.[class]
                           WHEN 1 THEN OBJECT_NAME(perm.major_id) -- General objects
                           WHEN 3 THEN schem.[name] -- Schemas
                           WHEN 4 THEN imp.[name] -- Impersonations
                      END,
       [ColumnName]           = col.[name]
FROM   --database user
       sys.database_principals princ
       LEFT JOIN --Login accounts
            sys.server_principals ulogin
            ON  princ.[sid] = ulogin.[sid]
       LEFT JOIN --Permissions
            sys.database_permissions perm
            ON  perm.[grantee_principal_id] = princ.[principal_id]
       LEFT JOIN --Table columns
            sys.columns col
            ON  col.[object_id] = perm.major_id
            AND col.[column_id] = perm.[minor_id]
       LEFT JOIN sys.objects obj
            ON  perm.[major_id] = obj.[object_id]
       LEFT JOIN sys.schemas schem
            ON  schem.[schema_id] = perm.[major_id]
       LEFT JOIN sys.database_principals imp
            ON  imp.[principal_id] = perm.[major_id]
WHERE  princ.[type] IN ('S', 'U', 'G')
       AND -- No need for these system accounts
           princ.[name] NOT IN ('sys', 'INFORMATION_SCHEMA')
ORDER BY
       ulogin.[name],
       [UserType],
       [DatabaseUserName],
       [Role],
       [PermissionState],
       [PermissionType],
       [ObjectType],
       [ObjectName],
       [ColumnName] 

Open in new window

0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Present Absent from working date rage 11 49
Are triggers slow? 7 25
how to restore or keep sql2000  backups useful... 2 28
SQL syntax question 6 45
Long way back, we had to take help from third party tools in order to encrypt and decrypt data.  Gradually Microsoft understood the need for this feature and started to implement it by building functionality into SQL Server. Finally, with SQL 2008, …
Introduction: When running hybrid database environments, you often need to query some data from a remote db of any type, while being connected to your MS SQL Server database. Problems start when you try to combine that with some "user input" pass…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question