Technical Article

Select Group Members from Logins

,

Know who all the individual group members are for a given WINDOWS_GROUP login. This script uses the sys.xp_logininfo procedure to find group members for each login on an instance. This is useful when attempting to remove orphaned WINDOWS_LOGINS. May have issues working across your logged in domain.

/*-------------------------------------------------------------------------------------------------Name: LoginWindowsGroupMemberSelect.sqlPurpose: To find all user accounts for a Windows Group in SQL Server logins.Author: Patrick SlesickiNotes:Returns all user logins for a Windows GroupSimply execute on an instance to get results.Tested on SQL Server versions 2012 through 2017. This should work on 2008 and 2008R2 but I've not tested it there.Adapted from a presentation by Laura Grob.Historyyyyy-mm-dd Init Description2018-02-14 PLS Created---------------------------------------------------------------------------------------------------Preliminaries-------------------------------------------------------------------------------------------------*/SET NOCOUNT ON;SET TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;/*-------------------------------------------------------------------------------------------------Declarations-------------------------------------------------------------------------------------------------*/DECLARE @WindowsGroupName AS nvarchar(128);DECLARE @GroupLoginTable AS table (AccountName nvarchar(128) NULL);DECLARE @GroupLoginMemberTable AS table(AccountName nvarchar(128) NULL,Type char(8) NULL,Privilege char(9) NULL,MappedLoginName nvarchar(128) NULL,PermissionPath nvarchar(128) NULL);/*-------------------------------------------------------------------------------------------------Find windows groups-------------------------------------------------------------------------------------------------*/INSERT INTO @GroupLoginTable (AccountName)SELECT nameFROM sys.server_principalsWHERE type_desc = N'WINDOWS_GROUP';/*-------------------------------------------------------------------------------------------------Cycle through groups to find members-------------------------------------------------------------------------------------------------*/WHILE EXISTS (SELECT * FROM @GroupLoginTable)BEGINSET @WindowsGroupName = (SELECT TOP (1) AccountName FROM @GroupLoginTable);INSERT INTO @GroupLoginMemberTable(AccountName,Type,Privilege,MappedLoginName,PermissionPath)EXEC sys.xp_logininfo@acctname = @WindowsGroupName,@option = 'members';DELETE FROM @GroupLoginTableWHERE AccountName = @WindowsGroupName;END;/*-------------------------------------------------------------------------------------------------Output results-------------------------------------------------------------------------------------------------*/SELECTWindowsGroup = PermissionPath,AccountName,PrivilegeFROM @GroupLoginMemberTableORDER BYWindowsGroup,AccountName;/*-------------------------------------------------------------------------------------------------END-------------------------------------------------------------------------------------------------*/

Rate

1 (1)

You rated this post out of 5. Change rating

Share

Tags

Join the discussion and add your comment

Share

Rate

1 (1)

You rated this post out of 5. Change rating

Related content

Technical Article

Orphaned Users Search and Destroy

This script will find all orphaned users on all databases on an instance, and generate a script to drop each user. Simply execute, copy the values from the DropScript column to a new SSMS window and execute. There are two risks with this script. Use with caution: This script attempts to take into account users […]

You rated this post out of 5. Change rating

2020-03-16 (first published: )

1,112 reads

Technical Article

Orphaned Users Search and Destroy

This script will find all orphaned users on all databases on an instance, and generate a script to drop each user. Simply execute, copy the values from the DropScript column to a new SSMS window and execute. There are two risks with this script. Use with caution: This script attempts to take into account users […]

You rated this post out of 5. Change rating

2020-03-13

Technical Article

String Search

The script searches through every column of every record in a database to find a value. It works with numbers too. Simply assign a value to @MyString. Indicate what datatype(s) you wish to search through, and indicate if you want wildcards, and execute. The search is smart and will only search through columns where @MyString is […]

3 (3)

You rated this post out of 5. Change rating

2020-03-05 (first published: )

1,104 reads

SQLServerCentral Article

The Basics of Cryptography Part 2

Encryption in SQL Server is difficult to implement and manage, but it is being required more and more often. However understanding what encryption means is as important as being able to manage and implement it. Michael Coles brings us part 2 in his series on explaining the mysteries behind cryptography.

You rated this post out of 5. Change rating

2005-08-17

10,919 reads