SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


SQL logins orphan users


SQL logins orphan users

Author
Message
Satish Nagaraja
Satish Nagaraja
SSC Veteran
SSC Veteran (272 reputation)SSC Veteran (272 reputation)SSC Veteran (272 reputation)SSC Veteran (272 reputation)SSC Veteran (272 reputation)SSC Veteran (272 reputation)SSC Veteran (272 reputation)SSC Veteran (272 reputation)

Group: General Forum Members
Points: 272 Visits: 308
Hi All,

Just question the poped up during discussion with my collegue regarding fixing SQL orphan users when they are available at instance level and database level after refresh task.

Use [database name]

exec sp_change_users_login 'Autofix', 'Usernname'

OR

use [databasename];
exec sp_change_users_login ‘update_one’, ‘username’,'userlogin’;


AUTO FIX
========
Links user entries in the sysusers table in the current database to logins of the same name in syslogins. It is recommended that the result from the Auto_Fix statement be checked to confirm that the links made are the intended outcome. Avoid using Auto_Fix in security-sensitive situations. Auto_Fix makes best estimates on links, possibly allowing a user more access permissions than intended. User must be a valid user in the current database, and login must be NULL, a zero-length string (”), or not specified.

UPDATE_ONE
==========

Links the specified user in the current database to login. Login must already exist. user and login must be specified.


Testing did not find AUTOFIX option giving more privleages to SQL logins at database level , so unable to prove the AUTO_FIX causes more access permissions.

Does anyone has any suggestions on best way to go about this ??

Cheer Satish :-)
ffarouqi
ffarouqi
SSC-Addicted
SSC-Addicted (482 reputation)SSC-Addicted (482 reputation)SSC-Addicted (482 reputation)SSC-Addicted (482 reputation)SSC-Addicted (482 reputation)SSC-Addicted (482 reputation)SSC-Addicted (482 reputation)SSC-Addicted (482 reputation)

Group: General Forum Members
Points: 482 Visits: 1317
The better way would be...incase if you know that you already have a login for the orphaned user. You can use this command alter user <username> with login = <login name>. This is a much better fix then what you're using.

As far as "auto_fix" is concerned, use this if your sure enough that sql server login name is the same as the orphaned user of the database being mapped (in simple terms login name = user name)

Incase, if you don't already have an existing login, you can create one by using this command
exec sp_change_users_login @action = 'auto_fix', @usernamepattern = 'some user name', @login = 'login name', @password = 'specify a strong password'

I hope this piece of info helps!!!

Regards,
Faisal
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search