블로그 이미지
bedbmsguru

Notice

Recent Post

Recent Comment

Recent Trackback

Archive

calendar

 « 2025.2  »
1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28
  • total
  • today
  • yesterday

user가 가지고 있는 권한 확인

2018. 10. 26. 21:31 SQL SERVER

--user별 권한 확인(특정DB에서만 전체DB검색하는건 아래쪽에 있음)
SELECT
    [DatabaseName] = DB_NAME(),     
       [LoginName] = ulogin.[name],
    [DBUserName] = princ.[name],
    [UserType] = CASE princ.[type]
                    WHEN 'S' THEN 'SQL User'
                    WHEN 'U' THEN 'Windows User'
                 END,
    [Role] = null,    
    [PermissionType] = perm. [permission_name],     
    [PermissionState] = perm. [state_desc],     
    [ObjectType] = obj. type_desc,--perm.[class_desc],     
    [ObjectName] = OBJECT_NAME( perm.major_id ),
    [ColumnName] = col. [name]
FROM  
    --database user
    sys.database_principals princ
LEFT JOIN
    --Login accounts
--     select top 100 * from sys.login_token
    sys.syslogins ulogin on princ .[sid] = ulogin .[sid]
LEFT JOIN       
    --Permissions
    sys.database_permissions perm ON perm .[grantee_principal_id] = princ .[principal_id]
LEFT JOIN
    --Table columns
    sys.columns col ON col .[object_id] = perm .major_id
                    AND col .[column_id] = perm .[minor_id]
LEFT JOIN
    sys.objects obj ON perm .[major_id] = obj .[object_id]
WHERE
    princ.[type] in ('S', 'U')
UNION
--List all access provisioned to a sql user or windows user/group through a database or application role
SELECT
       [DatabaseName] = DB_NAME(), 
    [LoginName] = ulogin.[name],
    [DBUserName] = roleprinc.[name],
    [UserType] = CASE memberprinc.[type]
                    WHEN 'S' THEN 'SQL User'
                    WHEN 'U' THEN 'Windows User'
                 END,
    [Role] = roleprinc. [name],    
    [PermissionType] = perm. [permission_name],     
    [PermissionState] = perm. [state_desc],     
    [ObjectType] = obj. type_desc,--perm.[class_desc], 
    [ObjectName] = OBJECT_NAME( perm.major_id ),
    [ColumnName] = col. [name]
FROM  
    --Role/member associations
    sys.database_role_members members
JOIN
    --Roles
    sys.database_principals roleprinc ON roleprinc .[principal_id] = members .[role_principal_id]
JOIN
    --Role members (database users)
    sys.database_principals memberprinc ON memberprinc .[principal_id] = members .[member_principal_id]
LEFT JOIN
    --Login accounts
    sys.syslogins ulogin on memberprinc .[sid] = ulogin .[sid]
LEFT JOIN       
    --Permissions
    sys.database_permissions perm ON perm .[grantee_principal_id] = roleprinc .[principal_id]
LEFT JOIN
    --Table columns
    sys.columns col on col .[object_id] = perm .major_id
                    AND col .[column_id] = perm .[minor_id]
LEFT JOIN
    sys.objects obj ON perm .[major_id] = obj .[object_id]
UNION
--List all access provisioned to the public role, which everyone gets by default
SELECT
       [DatabaseName] = DB_NAME(),
    [LoginName] = '{All Users}',
       [DBUserName] = '{All Users}',
    [UserType] = '{All Users}',
    [Role] = roleprinc. [name],    
    [PermissionType] = perm. [permission_name],     
    [PermissionState] = perm. [state_desc],     
    [ObjectType] = obj. type_desc,--perm.[class_desc],
    [ObjectName] = OBJECT_NAME( perm.major_id ),
    [ColumnName] = col. [name]
FROM  
    --Roles
    sys.database_principals roleprinc
LEFT JOIN       
    --Role permissions
    sys.database_permissions perm ON perm .[grantee_principal_id] = roleprinc .[principal_id]
LEFT JOIN
    --Table columns
    sys.columns col on col .[object_id] = perm .major_id
                    AND col .[column_id] = perm .[minor_id]                 
JOIN
    --All objects 
    sys.objects obj ON obj .[object_id] = perm .[major_id]
WHERE
    --Only roles
    roleprinc.[type] = 'R' AND
    --Only public role
    roleprinc.[name] = 'public' AND
    --Only objects of ours, not the MS objects
    obj.is_ms_shipped = 0
ORDER BY
    princ.[Name] ,
    OBJECT_NAME(perm .major_id),
    col.[name] ,
    perm.[permission_name] ,
    perm.[state_desc] ,
    obj.type_desc --perm.[class_desc]


--user별 권한 확인(전체DB를 돌면서 진행)
set nocount on
declare @permission table (
Database_Name sysname,
LoginName sysname null,
DBUserName sysname null,
UserType sysname null,
[role] sysname null,
PermissionType sysname null,
PermissionState sysname null,
ObjectType sysname null,
ObjectName sysname null,
ColumnName sysname null
)
declare @dbs table (dbname sysname)
declare @Next sysname
insert into @dbs
select name from sys.databases order by name
select top 1 @Next = dbname from @dbs
while (@@rowcount<>0)
begin
insert into @permission
exec('use [' + @Next + ']
SELECT
    [DatabaseName] = DB_NAME(),     
       [LoginName] = ulogin.[name],
    [DBUserName] = princ.[name],
    [UserType] = CASE princ.[type]
                    WHEN ''S'' THEN ''SQL User''
                    WHEN ''U'' THEN ''Windows User''
                 END,
    [Role] = null,    
    [PermissionType] = perm. [permission_name],     
    [PermissionState] = perm. [state_desc],     
    [ObjectType] = obj. type_desc,--perm.[class_desc],     
    [ObjectName] = OBJECT_NAME( perm.major_id ),
    [ColumnName] = col. [name]
FROM  
    sys.database_principals princ
LEFT JOIN
    sys.syslogins ulogin on princ .[sid] = ulogin .[sid]
LEFT JOIN       
    --Permissions
    sys.database_permissions perm ON perm .[grantee_principal_id] = princ .[principal_id]
LEFT JOIN
    --Table columns
    sys.columns col ON col .[object_id] = perm .major_id
                    AND col .[column_id] = perm .[minor_id]
LEFT JOIN
    sys.objects obj ON perm .[major_id] = obj .[object_id]
WHERE
    princ.[type] in (''S'', ''U'')
UNION
--List all access provisioned to a sql user or windows user/group through a database or application role
SELECT
       [DatabaseName] = DB_NAME(), 
    [LoginName] = ulogin.[name],
    [DBUserName] = roleprinc.[name],
    [UserType] = CASE memberprinc.[type]
                    WHEN ''S'' THEN ''SQL User''
                    WHEN ''U'' THEN ''Windows User''
                 END,
    [Role] = roleprinc. [name],    
    [PermissionType] = perm. [permission_name],     
    [PermissionState] = perm. [state_desc],     
    [ObjectType] = obj. type_desc,--perm.[class_desc], 
    [ObjectName] = OBJECT_NAME( perm.major_id ),
    [ColumnName] = col. [name]
FROM  
    --Role/member associations
    sys.database_role_members members
JOIN
    --Roles
    sys.database_principals roleprinc ON roleprinc .[principal_id] = members .[role_principal_id]
JOIN
    --Role members (database users)
    sys.database_principals memberprinc ON memberprinc .[principal_id] = members .[member_principal_id]
LEFT JOIN
    --Login accounts
    sys.syslogins ulogin on memberprinc .[sid] = ulogin .[sid]
LEFT JOIN       
    --Permissions
    sys.database_permissions perm ON perm .[grantee_principal_id] = roleprinc .[principal_id]
LEFT JOIN
    --Table columns
    sys.columns col on col .[object_id] = perm .major_id
                    AND col .[column_id] = perm .[minor_id]
LEFT JOIN
    sys.objects obj ON perm .[major_id] = obj .[object_id]
UNION
--List all access provisioned to the public role, which everyone gets by default
SELECT
       [DatabaseName] = DB_NAME(),
    [LoginName] = ''{All Users}'',
       [DBUserName] = ''{All Users}'',
    [UserType] = ''{All Users}'',
    [Role] = roleprinc. [name],    
    [PermissionType] = perm. [permission_name],     
    [PermissionState] = perm. [state_desc],     
    [ObjectType] = obj. type_desc,--perm.[class_desc],
    [ObjectName] = OBJECT_NAME( perm.major_id ),
    [ColumnName] = col. [name]
FROM  
    --Roles
    sys.database_principals roleprinc
LEFT JOIN       
    --Role permissions
    sys.database_permissions perm ON perm .[grantee_principal_id] = roleprinc .[principal_id]
LEFT JOIN
    --Table columns
    sys.columns col on col .[object_id] = perm .major_id
                    AND col .[column_id] = perm .[minor_id]                 
JOIN
    --All objects 
    sys.objects obj ON obj .[object_id] = perm .[major_id]
WHERE
    --Only roles
    roleprinc.[type] = ''R'' AND
    --Only public role
    roleprinc.[name] = ''public'' AND
    --Only objects of ours, not the MS objects
    obj.is_ms_shipped = 0
ORDER BY
    princ.[Name] ,
    OBJECT_NAME(perm .major_id),
    col.[name] ,
    perm.[permission_name] ,
    perm.[state_desc] ,
    obj.type_desc --perm.[class_desc]'
)
delete @dbs where dbname = @Next
select top 1 @Next = dbname from @dbs
end
set nocount off
select * from @permission



저작자표시

'SQL SERVER' 카테고리의 다른 글

SSMS를 이용하여 Excel 데이터 CTRL + V로 DB에 insert 하기  (0) 2018.10.26
최근에 수정된 Object찾기  (0) 2018.10.26
Linked server List  (0) 2018.10.26
파티션(partition) 테이블 현황조회  (0) 2018.10.26
SSMS의 Tip  (0) 2018.10.26
posted by bedbmsguru

Linked server List

2018. 10. 26. 21:30 SQL SERVER

Linked Server 조회

SELECT ss.server_id 
          ,ss.name 
          ,'Server ' = Case ss.Server_id 
                            when 0 then 'Current Server' 
                            else 'Remote Server' 
                            end 
          ,ss.product 
          ,ss.provider 
          ,ss.catalog 
          ,'Local Login ' = case sl.uses_self_credential 
                            when 1 then 'Uses Self Credentials' 
                            else ssp.name 
                            end 
           ,'Remote Login Name' = sl.remote_name 
           ,'RPC Out Enabled'    = case ss.is_rpc_out_enabled 
                                   when 1 then 'True' 
                                   else 'False' 
                                   end 
           ,'Data Access Enabled' = case ss.is_data_access_enabled 
                                    when 1 then 'True' 
                                    else 'False' 
                                    end 
           ,ss.modify_date 
      FROM sys.Servers ss 
 LEFT JOIN sys.linked_logins sl 
        ON ss.server_id = sl.server_id 
 LEFT JOIN sys.server_principals ssp 
        ON ssp.principal_id = sl.local_principal_id

저작자표시

'SQL SERVER' 카테고리의 다른 글

최근에 수정된 Object찾기  (0) 2018.10.26
user가 가지고 있는 권한 확인  (0) 2018.10.26
파티션(partition) 테이블 현황조회  (0) 2018.10.26
SSMS의 Tip  (0) 2018.10.26
Index REBUILD OR REORG 쿼리  (0) 2018.10.26
posted by bedbmsguru

파티션(partition) 테이블 현황조회

2018. 10. 26. 21:30 SQL SERVER

SELECT t.name AS TableName, i.name AS IndexName , p.partition_number, e.name, f.name, f.type_desc, p.rows, rv.value, 
CASE WHEN f.boundary_value_on_right = 0 THEN 'LEFT' ELSE 'Right' END AS LeftRightBoundary,
CASE WHEN ISNULL(rv.value, rv2.value) IS NULL THEN 'N/A' 
ELSE
    CASE WHEN boundary_value_on_right = 0 AND rv2.value IS NULL THEN '>=' 
        WHEN boundary_value_on_right = 0 THEN '>' 
        ELSE '>=' 
    END + ' ' + ISNULL(CONVERT(varchar(50), rv2.value, 121), 'Min Value') + ' ' + 
        CASE boundary_value_on_right WHEN 1 THEN 'and <' 
                ELSE 'and <=' END 
        + ' ' + ISNULL(CONVERT(varchar(50), rv.value, 121), 'Max Value') 
END AS TextComparison
FROM sys.tables AS t  
JOIN sys.indexes AS i  
    ON t.object_id = i.object_id  
JOIN sys.partitions AS p  
    ON i.object_id = p.object_id AND i.index_id = p.index_id   
JOIN (select bb.name, aa.destination_id from sys.destination_data_spaces aa inner join sys.data_spaces bb ON aa.data_space_id=bb.data_space_id) E
ON p.partition_number = e.destination_id
JOIN  sys.partition_schemes AS s   
    ON i.data_space_id = s.data_space_id  
JOIN sys.partition_functions AS f   
    ON s.function_id = f.function_id
LEFT JOIN sys.partition_range_values AS r   
    ON f.function_id = r.function_id and r.boundary_id = p.partition_number  
LEFT JOIN sys.partition_range_values AS rv
    ON f.function_id = rv.function_id
    AND p.partition_number = rv.boundary_id     
LEFT JOIN sys.partition_range_values AS rv2
    ON f.function_id = rv2.function_id
    AND p.partition_number - 1= rv2.boundary_id
WHERE i.type <= 1 AND t.name = 'LOGIN_INFO_REPOSITORY'
ORDER BY t.name, p.partition_number;

저작자표시

'SQL SERVER' 카테고리의 다른 글

user가 가지고 있는 권한 확인  (0) 2018.10.26
Linked server List  (0) 2018.10.26
SSMS의 Tip  (0) 2018.10.26
Index REBUILD OR REORG 쿼리  (0) 2018.10.26
알아봐요 할 DMV  (0) 2018.09.19
posted by bedbmsguru

티스토리툴바