Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

Auditing individual user accounts Expand / Collapse
Author
Message
Posted Wednesday, July 10, 2013 2:03 PM
Old Hand

Old HandOld HandOld HandOld HandOld HandOld HandOld HandOld Hand

Group: General Forum Members
Last Login: Monday, December 8, 2014 1:29 PM
Points: 323, Visits: 1,475
Hello. We have a number of production DBs with database roles and Active Directory domain groups defined within these roles. Typical good practice I think.

Unfortunately we've had a lot of individual Windows users creep into our DBs and roles too. Some may be legitimate "one offs" but the rest I'd like to identify and purge as long as I can verify their access is already fulfilled from an existing domain group.

I'm looking at comparing results from xp_logininfo to those from sys.database_principles and is_member() but it's not clear what those results mean.

Has anyone done something like this? What was your strategy?

Thanks,
Ken
Post #1472340
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse