Some really good stuff in here, thanks again.

One apparent omission is that the only permissions currently picked up are specific to a user, as opposed to a database or application role.

It is useful to know which permissions have been assigned to a database role, and the users that are members of that role.

I have written these in the past, will retrieve them if I can find them = )

dan