I use the two DDL TRIGGER statements below but script doesn't work. They only prevent a user from dropping or renaming a user account. I need to be able to rollback even if a user change the permission on a account.
'You must disable Trigger "PermissionChange" to drop, logins!'
create trigger rob
on all server
for drop_login, alter login