RE: AlwaysOn AG failed over changed sql user passwords???

SSC-Dedicated

Points: 33506

August 1, 2014 at 7:35 am

This is the script I use to genereate the CREATE LOGIN code:

select

sp.name

, sp.type_desc

, 'CREATE LOGIN [' + sp.name + '] '

+ case when sp.type in ('U', 'G')

then 'FROM WINDOWS '

else ''

end

+ 'WITH '

+ case when sl.password_hash IS NOT NULL

then 'PASSWORD = ' + convert(nvarchar(max), password_hash, 1) + ' HASHED, '

else ''

end

+ 'DEFAULT_DATABASE = [' + ISNULL(sp.default_database_name, 'master') + '] '

+ ISNULL(', DEFAULT_LANGUAGE = [' + sp.default_language_name + '] ', '')

+ CASE WHEN sp.type_desc = 'SQL_LOGIN'

THEN ', CHECK_EXPIRATION = ' + case is_expiration_checked when 0 then 'OFF, ' else 'ON, ' END

+ 'CHECK_POLICY = ' + case is_policy_checked when 0 then 'OFF, ' else 'ON, ' END

+ 'SID = ' + convert(nvarchar(max), sp.sid, 1)

ELSE ''

END

+ case when sp.is_disabled = 'TRUE'

then ';ALTER LOGIN [' + sp.name + '] DISABLE'

else ''

end

as create_stmt

from master.sys.server_principals sp-- get all logins from [server_principals]

left outer join master.sys.sql_logins sl-- and get some additional information from [sql_logins]

on sp.principal_id = sl.principal_id

and sp.type = sl.type

** Don't mistake the ‘stupidity of the crowd’ for the ‘wisdom of the group’! **