Home Forums SQL Server 7,2000 Security How to determine SQL Security Login group for windows login when user is member of active directory security group. RE: How to determine SQL Security Login group for windows login when user is member of active directory security group.

  • July 24, 2015 at 12:06 pm

    #1814868

    i've put together this cursor in the past that iterates through all windows groups in SQL, and enumerates their members.

    finally, i account names that were found for admin vs user priviledges.

    i tested this on a server that has no individual windows logins, all logins inherited through groups,and i get the individuals i'm looking for.

    IF OBJECT_ID('[tempdb].[dbo].[#TMP]') IS NOT NULL

    DROP TABLE [dbo].[#TMP]

    CREATE TABLE [dbo].[#TMP] (

    [ACCOUNT NAME] NVARCHAR(256) NULL ,

    [TYPE] VARCHAR(8) NULL ,

    [PRIVILEGE] VARCHAR(8) NULL ,

    [MAPPED LOGIN NAME] NVARCHAR(256) NULL ,

    [PERMISSION PATH] NVARCHAR(256) NULL )

    USE MASTER

    declare

    @isql varchar(2000),

    @name varchar(64)

    declare c1 cursor for

    select name FROM master.sys.server_principals

    WHERE type_desc = 'WINDOWS_GROUP'

    AND name NOT LIKE '%$%'

    AND name not like 'NT SERVICE\%'

    open c1

    fetch next from c1 into @name

    While @@fetch_status <> -1

    begin

    select @isql = 'INSERT INTO #TMP EXEC master..xp_logininfo @acctname = ''' + @name +''',@option = ''members'' '

    print @isql

    exec(@isql)

    fetch next from c1 into @name

    end

    close c1

    deallocate c1

    SELECT * FROM #tmp

    --SELECT IS_SRVROLEMEMBER('sysadmin',[Account Name]),* FROM #tmp

    Lowell

    --help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible!