SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Better Security with dbatools

I really like the dbatools project. This is a series of PowerShell cmdlets that are built by the community and incredibly useful for migrations between SQL Servers, but also for various administrative actions. I have a short series on these items.

One of the things that I see many junior SQL Server people struggle with (or forget) is the need to get logins onto multiple servers. This is often in situations where some sort of DR or HA technology is being used between instances. An admin will set up a second server, add logins, and forget about the entire system.

Until something fails. Then their failover works perfectly, or mostly, or good enough, and they move on with their day. A few days later

The cmdlet, Sync-DbaSqlLoginPermissions, is designed to help solve this issue. I certainly could use this to quickly sync logins (SQL or Windows) between two instances, but it’s great for an automated, regular sync between two HA or DR instances. If you set this up as a job, it won’t necessarily catch every login if servers fail between the syncs and a login is added, but this will give you some added protection over a long term as you make changes on one system.

This is a way to solve some cross instance issues that are hard in T-SQL, but simple in PoSh. Kudos to the dbatools team for this cmdlet.

The Voice of the DBA

Steve Jones is the editor of SQLServerCentral.com and visits a wide variety of data related topics in his daily editorial. Steve has spent years working as a DBA and general purpose Windows administrator, primarily working with SQL Server since it was ported from Sybase in 1990. You can follow Steve on Twitter at twitter.com/way0utwest


Leave a comment on the original post [voiceofthedba.com, opens in a new window]

Loading comments...