Solved

Script to capture logins and user permissions prior to a restore?

Posted on 2014-04-01
2
1,651 Views
Last Modified: 2014-04-07
I'm trying to figure out a way to automate the creation of logins and user permissions. I'm new to SQL administration and inadvertently keep missing one permission here and there and I'm trying to find a full-proof way not to miss any logins and permissions. Below is the manual process I do simply because I don't know any better. Surely there is an automated way to do this?

Scenario:
I have a DB on our test server. I've been asked to restore the DB from production to test and to keep the existing logins and permissions that were on the test DB before the restore.

Current Process:
1) I log onto the test DB.

2) Run the "sp_helpuser" command to capture the existing logins and permissions. Take a screenshot of the results using Snagit or if too large to display all on the screen I copy all with headers and paste it into an Excel spreadsheet.

3) Select the task to "Generate Scripts" and select the following options.
    a) Select specific database objects
    b) Select "users"
    c) Select "Database Roles"
    d) Copy to clipboard

4) Then I store the script to my log file.

5) Backup DB.

Restore Process:

1) Restore DB.

2) Run script that re-creates the Users and Database Roles.

3) Run "sp_helpuser" and reset the missing permissions and orphaned users. I miss these occasionally.
    a) I type the following command to fix the orphaned user issue.
         i) sp_change_users_login 'Auto_Fix', 'User_ID'

Does anyone have a better way of preserving and restoring the logins, users and permissions than what I am doing? I am open to any and all suggestions as I hate making  mistakes.

Thanks
0
Comment
Question by:Lobsterguy
2 Comments
 
LVL 39

Accepted Solution

by:
lcohan earned 500 total points
ID: 39970581
Assuming you take and use a FULL database backup do the following:

Before you RESTORE the database on the other server you should transfer all the Logins by using:
"How to transfer logins and passwords between instances of SQL Server"
http://support.microsoft.com/kb/918992

when you run that sql script on the Source server it will generate output to be executed on the Target server and you can take out logins you don't need to move - don't worry passwords are included but they are hashed.

This way this is the only thing to do security related and after you restore the DB all users from the database will be already binded to the database roles.

That is - Security exists at SQL Server level and must be done first then at the Database level and that's done for you during the database restore.
0
 

Author Closing Comment

by:Lobsterguy
ID: 39983178
Thanks for the input. Should get me going.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Introduction SQL Server Integration Services can read XML files, that’s known by every BI developer.  (If you didn’t, don’t worry, I’m aiming this article at newcomers as well.) But how far can you go?  When does the XML Source component become …
This article explains how to reset the password of the sa account on a Microsoft SQL Server.  The steps in this article work in SQL 2005, 2008, 2008 R2, 2012, 2014 and 2016.
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
Via a live example, show how to extract information from SQL Server on Database, Connection and Server properties

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now