Click here to monitor SSC
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in
Home       Members    Calendar    Who's On

Add to briefcase

Orphaned users Expand / Collapse
Posted Friday, April 5, 2013 4:42 AM
Old Hand

Old HandOld HandOld HandOld HandOld HandOld HandOld HandOld Hand

Group: General Forum Members
Last Login: Monday, May 23, 2016 12:21 PM
Points: 316, Visits: 1,327
I've 2 sql server instances on my local system.
I backed up a database from one instance and restored that database on the other instance.
I copied over the logins from the 1st instance to the 2nd instance.

Then I ran the following statement on the 2nd instance to check if there are any orphaned users but I got 0 results.
sp_change_users_login @Action='Report'

But I still cannot login into the newly restored database with any of the sql server logins. Am i missing something?
Post #1439152
Posted Friday, April 5, 2013 5:41 AM

Ten Centuries

Ten CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen Centuries

Group: General Forum Members
Last Login: Yesterday @ 2:15 PM
Points: 1,427, Visits: 9,273
You may still need to "re-associate" the SQL Login with the DB user.

I've found these two queries to do a bang-up job for finding and fixing orphaned users (and possibly what you're running into:)

--The "new" way.  Script to find orphans was pulled from
--Alter User is the MS recommended method to fix
use [DBName];
dp.sid AS DBSid
FROM sys.database_principals dp
LEFT OUTER JOIN sys.server_principals sp
ON dp.sid = sp.sid
AND dp.type = 'S' -- SQL_USER
AND dp.principal_id > 4

use [DBName];
alter user /*{User reported from above}*/ with
login = /*{SQL Login for user}*/;

I don't recall where on here I found the "find orphaned users" query, so to whoever posted it, the credit is yours.

What you could try doing to fix your issue is, run the second part of the script, the alter user {whatever} with...
It won't hurt (unless you typo) and it may help.

Post #1439166
Posted Friday, April 5, 2013 6:53 AM



Group: General Forum Members
Last Login: Today @ 2:17 AM
Points: 14,330, Visits: 37,442
here's a very similar version when compared to Jasons;

if a user matches it's login SID, it fine and nothing needs to be changed.
If the SID doesn't match , it builds the ALTER USER command
if the login is missing, it builds a CREATE LOGIN command(with a default password!), and also the ALTER USER command.

depending on your situation, you might not need to create missing logins
WHEN is not null and dbloginz.sid <> svloginz.sid
THEN '--Login Exists but wrong sid: remap!
ALTER USER ' + quotename( + ' WITH LOGIN = ' + quotename( + ';'
ALTER USER ' + quotename( + ' WITH LOGIN = ' + quotename( + ';'
from sys.database_principals dbloginz
LEFT OUTER JOIN sys.server_principals svloginz
on =
WHERE dbloginz.type IN ('S','U')
AND NOT IN('dbo','guest','INFORMATION_SCHEMA','sys')


help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible!
Post #1439183
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse