SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Retrieving password policy settings for SQL login accounts

Today, I wrote the following query for our internal audit report for SAS70. This query provides all the necessary details about SQL Logins policy settings.

This query is using LOGINPROPERTY function to retrieve the sql login policy settings information:

USE [master]

DECLARE @PwdExpirationAge    [int]

SET @PwdExpirationAge = 28

SELECT [name] AS [sa]
      ,LOGINPROPERTY([name], 'PasswordLastSetTime') AS [PasswordLastResetDT]
      ,@PwdExpirationAge - DATEDIFF(DAY, CONVERT([datetime] 
        ,GETDATE()) AS [DaysUntilExpiration]
      ,LOGINPROPERTY([name], 'BadPasswordCount') AS [BadPasswordCount]
      ,LOGINPROPERTY([name], 'BadPasswordTime') AS [BadPasswordDT]
      ,LOGINPROPERTY([name], 'HistoryLength') AS [HistoryLength]
      ,LOGINPROPERTY([name], 'IsExpired') AS [IsExpired]
      ,LOGINPROPERTY([name], 'IsLocked') AS [IsLocked]
      ,LOGINPROPERTY([name], 'IsMustChange') AS [IsMustChange]
      ,LOGINPROPERTY([name], 'LockoutTime') AS [LockoutTime]
FROM [sys].[sql_logins]
GROUP BY [name]

I hope you will find this query useful.

Basit's SQL Server Tips

Basit Farooq is a Lead Database Administrator, Trainer and Technical Author. He has more than a decade of IT experience in development, technical training and database administration on Microsoft SQL Server platforms. Basit has authored numerous SQL Server technical articles, and developed and implemented many successful database infrastructure, data warehouse and business intelligence projects. He holds a master's degree in computer science from London Metropolitan University, and industry standard certifications from Microsoft, Sun, Cisco, Brainbench, Prosoft and APM, including MCITP Database Administrator 2008, MCITP Database Administrator 2005, MCDBA SQL Server 2000 and MCTS .NET Framework 2.0 Web Applications.


Leave a comment on the original post [basitaalishan.com, opens in a new window]

Loading comments...