November 24, 2009 at 9:22 am
Whenever a user logs into SQL Server 2008 via a Windows group how can I determine which server roles are applicable to that user when only the windows group is listed in sys.server_principals
The user and suser functions return information to the user's windows login not the group that they entered SQL Server by.
Help appreciated.
November 29, 2009 at 4:36 pm
November 30, 2009 at 10:51 am
Thanks for the advice. So it looks like I've got to:
1) Create a linked server to OLE DB Provider for Microsoft Directory Services
2) Find out which Windows Group(s) the user belongs to
3) Determine the superset of server-roles that are applicable to the Windows Groups returned in step 2.
A piece of cake considering my LDAP is very rusty :crazy:
December 2, 2009 at 6:02 am
I also posted this on the SQL Server 2005 Security forum and got the answer to use IS_SVRROLEMEMBER which solves my problem.
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply