
SQL Script to generate script for existing database permissions

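/***********************************************************************************
 Description   : Generates a script of the existing database permissions, which can
                 be used to copy the permissions from one server to another.
 Compatibility : 7.0+
 Usage         : Execute in the specific database to be scripted (or in master).

 Review notes
   * sysprotects.protecttype is honoured: 204 = GRANT ... WITH GRANT OPTION,
     205 = GRANT, 206 = DENY. Emitting every row as a plain GRANT would turn a
     DENY on the source server into a GRANT on the target.
   * User and object names are wrapped with QUOTENAME so that a name containing
     ']' or spaces cannot change the meaning of the generated statement.
   * Not scripted: column-level permissions (sysprotects.columns) and the object
     owner prefix -- NOTE(review): confirm whether the target needs them.
   * Read the generated script before running it on the target server; it grants
     exactly what it says, with the privileges of whoever executes it.
***********************************************************************************/
set nocount on
go

use Northwind
go

-- Session-local work table: nothing is created in the audited database, and the
-- identity column keeps the generated lines in the order they were produced.
create table #perms
(
    line_no int identity(1, 1) not null,
    perms   nvarchar(600)      not null
)

declare @name         sysname
declare @object_id    int
declare @action       tinyint
declare @protect_type tinyint
declare @verb         varchar(5)
declare @permission   varchar(20)
declare @statement    nvarchar(600)

declare perms_cursor cursor for
    select su.name, sp.id, sp.action, sp.protecttype
    from sysusers su
    inner join sysprotects sp
        on su.uid = sp.uid
    order by su.name

open perms_cursor

fetch next from perms_cursor into @name, @object_id, @action, @protect_type

while (@@fetch_status = 0)
begin
    -- Map the numeric action code to the permission keyword.
    set @permission = case @action
                          when 26  then 'REFERENCES'
                          when 178 then 'CREATE FUNCTION'
                          when 193 then 'SELECT'
                          when 195 then 'INSERT'
                          when 196 then 'DELETE'
                          when 197 then 'UPDATE'
                          when 198 then 'CREATE TABLE'
                          when 203 then 'CREATE DATABASE'
                          when 207 then 'CREATE VIEW'
                          when 222 then 'CREATE PROCEDURE'
                          when 224 then 'EXECUTE'
                          when 228 then 'BACKUP DATABASE'
                          when 233 then 'CREATE DEFAULT'
                          when 235 then 'BACKUP LOG'
                          when 236 then 'CREATE RULE'
                      end

    -- GRANT vs DENY comes from protecttype; unknown values produce no statement.
    set @verb = case @protect_type
                    when 204 then 'GRANT'
                    when 205 then 'GRANT'
                    when 206 then 'DENY'
                end

    set @statement = null

    if @permission is not null and @verb is not null
    begin
        if @action in (26, 193, 195, 196, 197, 224)
            -- Object-level permission: needs the ON clause.
            -- If object_name() returns NULL the whole statement is NULL and is skipped.
            set @statement = @verb + ' ' + @permission
                           + ' ON ' + quotename(object_name(@object_id))
                           + ' TO ' + quotename(@name)
        else
            -- Statement-level permission.
            set @statement = @verb + ' ' + @permission
                           + ' TO ' + quotename(@name)

        if @protect_type = 204
            set @statement = @statement + ' WITH GRANT OPTION'
    end

    -- Emit a batch separator only when a statement was actually produced.
    if @statement is not null
    begin
        insert into #perms (perms) values (@statement)
        insert into #perms (perms) values ('GO')
    end

    fetch next from perms_cursor into @name, @object_id, @action, @protect_type
end

close perms_cursor
deallocate perms_cursor

select perms
from #perms
order by line_no

drop table #perms

set nocount off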

What all Database Permissions are being assigned to a particular login ?


During this audit season, the auditor was very tough. He identified a suspect login and wanted to know:

1. What permissions are assigned to that login?
2. What can this user do at the individual database object level?
3. What server permissions are assigned to this user?
4. Which tables can be modified by this user?
5. Which stored procedures can be executed by this user?
6. And many more.

I shared some screenshots from the graphical tools, but he was not satisfied with those; he wanted a detailed report for that particular user.

To answer all these questions, I used a script written by Pete Carter. This script shows exactly what permissions a login/user has, at all levels of SQL Server, from

permissions at the instance level, right the way through to object-level permissions in every database.
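-- Reports the effective permissions of one login at server, database and object
-- level by impersonating it and calling fn_my_permissions at each level.
--
-- Requirements and caveats:
--   * The caller needs IMPERSONATE permission on the login (or sysadmin).
--   * The session stays in the impersonated context until REVERT runs. If the
--     batch is interrupted, run REVERT manually before doing anything else.
--   * NOTE(review): databases the login cannot enter are expected to fail the
--     USE inside sp_msforeachdb and contribute no object-level rows -- confirm.
DECLARE @login sysname
SET @login = N'INSERT LOGIN NAME HERE'

EXECUTE AS LOGIN = @login

-- Guard: if the context switch did not take effect, every row below would
-- describe the auditor's own permissions and be attributed to the wrong login.
IF SUSER_SID(@login) IS NULL OR SUSER_SID() <> SUSER_SID(@login)
BEGIN
    RAISERROR('Impersonation of the requested login did not take effect; no report produced.', 16, 1)
    RETURN
END

-- Local temp table: visible to the nested sp_msforeachdb batches of this
-- session, but not to other sessions (a global ## table can be read and written
-- by anyone while the report is being built).
CREATE TABLE #ObjectLevel
(
    DatabaseName   NVARCHAR(128),
    Name           NVARCHAR(260),   -- schema.object
    SubEntityName  NVARCHAR(128),
    PermissionName NVARCHAR(128)
)

-- Object-level permissions, one pass per database. The securable is passed
-- schema-qualified; an unqualified name resolves through the login's default
-- schema, so objects in other schemas would be missed or mismatched.
EXECUTE sp_msforeachdb 'USE [?]
INSERT INTO #ObjectLevel (DatabaseName, Name, SubEntityName, PermissionName)
SELECT
    DB_NAME(),
    SCHEMA_NAME(t.schema_id) + ''.'' + t.name,
    c.subentity_name,
    c.permission_name
FROM sys.objects t
CROSS APPLY fn_my_permissions(QUOTENAME(SCHEMA_NAME(t.schema_id)) + ''.'' + QUOTENAME(t.name), ''OBJECT'') c'

-- Server-level permissions
SELECT
    NULL AS 'Database Owning Object',
    @@SERVERNAME AS 'Securable Name',
    a.subentity_name COLLATE Latin1_General_100_CI_AI AS 'Subentity Name',
    a.permission_name COLLATE Latin1_General_100_CI_AI AS 'Permission Name'
FROM fn_my_permissions(NULL, 'SERVER') a

UNION ALL

-- Database-level permissions
SELECT
    NULL,
    d.name COLLATE Latin1_General_100_CI_AI,
    b.subentity_name COLLATE Latin1_General_100_CI_AI,
    b.permission_name COLLATE Latin1_General_100_CI_AI
FROM sys.databases d
CROSS APPLY fn_my_permissions(QUOTENAME(d.name), 'DATABASE') b

UNION ALL

-- Object-level permissions collected above
SELECT
    o.DatabaseName COLLATE Latin1_General_100_CI_AI,
    o.Name COLLATE Latin1_General_100_CI_AI,
    o.SubentityName COLLATE Latin1_General_100_CI_AI,
    o.PermissionName COLLATE Latin1_General_100_CI_AI
FROM #ObjectLevel o

DROP TABLE #ObjectLevel

-- Return to the caller's own security context.
REVERT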

The above script gives very detailed information for every object in every database, and it may take some time (about 30 seconds) to execute.

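Note: If you want results for one specific database only, add WHERE d.name = 'MyDatabase' to the end of the second SELECT statement. That filters the database-level rows only; to limit the object-level rows as well, add WHERE o.DatabaseName = 'MyDatabase' to the third SELECT.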

SQL Script to find database object information


1. What tables exist in the database?
2. How many records are in those tables?
3. Do all tables have indexes or not?
4. How many indexes are built on a particular table?
5. How much space is occupied by a particular table?
6. What is the total index size of a particular table?

If you are looking for answers to all these questions, the following script is for you. It returns name, type, rows, number of indexes and other key information about the database (SQL2000 and later); check the output as an image.
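/* Returns name, type, rows, number of indexes and other key information about
   the tables of the current database. SQL2000 and later.

   Notes:
     * For user tables sp_spaceused is called with @updateusage = 'TRUE', which
       corrects the stored usage figures first, so the script is not strictly
       read-only and can take a while on large tables.
     * Row counts and sizes are held as bigint so that very large tables do not
       overflow, and name variables are wide enough for owner.[table].
     * NOTE(review): a table name containing ']' is not escaped in the
       owner.[table] string handed to sp_spaceused / OBJECT_ID. */

SET NOCOUNT ON

-- Raw sp_spaceused output for one table at a time (sizes arrive as 'nnn KB').
CREATE TABLE #TableInfo
(
    Name       sysname      NULL,
    Rows       bigint,
    Reserved   varchar(256) NULL,
    Data       varchar(256) NULL,
    Index_Size varchar(256) NULL,
    Unused     varchar(256) NULL
)

-- Final report, one row per table.
CREATE TABLE #DBTables
(
    Instance    sysname       NULL,
    DBName      sysname       NULL,
    TableName   nvarchar(260) NULL,
    TableType   char(2),
    TableRows   bigint        NULL,
    IndexCount  int           NULL,
    ReservedKB  bigint        NULL,
    DataSizeKB  bigint        NULL,
    IndexSizeKB bigint        NULL,
    UnusedKB    bigint        NULL
)

DECLARE @DatabaseName sysname
DECLARE @TableName    nvarchar(260)
DECLARE @xtype        char(2)
DECLARE @TableRows    bigint
DECLARE @IndexCount   int
DECLARE @ReservedKB   bigint
DECLARE @DataSizeKB   bigint
DECLARE @IndexSizeKB  bigint
DECLARE @UnusedKB     bigint

-- User ('U') and system ('S') tables, as owner.[table].
DECLARE cs CURSOR FOR
    SELECT su.name + '.[' + so.name + ']', so.xtype
    FROM sysobjects so
    INNER JOIN sysusers su
        ON so.uid = su.uid
    WHERE so.xtype IN ('U', 'S')

-- Current database of this session.
SELECT @DatabaseName = DB_NAME()

OPEN cs

FETCH NEXT FROM cs INTO @TableName, @xtype

WHILE (@@FETCH_STATUS = 0)
BEGIN
    TRUNCATE TABLE #TableInfo

    IF @xtype = 'U'
        INSERT INTO #TableInfo
        EXEC sp_spaceused @TableName, @updateusage = 'TRUE'
    ELSE
        INSERT INTO #TableInfo
        EXEC sp_spaceused @TableName

    -- Strip the trailing ' KB' from each size column and convert to a number.
    SELECT
        @TableRows   = Rows,
        @ReservedKB  = CAST(SUBSTRING(Reserved,   1, CHARINDEX('KB', Reserved,   1) - 1) AS bigint),
        @DataSizeKB  = CAST(SUBSTRING(Data,       1, CHARINDEX('KB', Data,       1) - 1) AS bigint),
        @IndexSizeKB = CAST(SUBSTRING(Index_Size, 1, CHARINDEX('KB', Index_Size, 1) - 1) AS bigint),
        @UnusedKB    = CAST(SUBSTRING(Unused,     1, CHARINDEX('KB', Unused,     1) - 1) AS bigint)
    FROM #TableInfo

    -- Count indexes: indid > 0 skips the heap row, and the name filter skips
    -- the '_WA_Sys' entries that also live in sysindexes.
    SELECT @IndexCount = COUNT(*)
    FROM sysindexes
    WHERE id = OBJECT_ID(@TableName)
      AND name NOT LIKE '_WA_Sys%'
      AND indid > 0

    INSERT INTO #DBTables
        (Instance, DBName, TableName, TableType, TableRows,
         IndexCount, ReservedKB, DataSizeKB, IndexSizeKB, UnusedKB)
    VALUES
        (@@SERVERNAME, @DatabaseName, @TableName, @xtype, @TableRows,
         @IndexCount, @ReservedKB, @DataSizeKB, @IndexSizeKB, @UnusedKB)

    FETCH NEXT FROM cs INTO @TableName, @xtype
END

CLOSE cs
DEALLOCATE cs

SELECT
    Instance,
    DBName,
    TableName,
    TableType,
    TableRows,
    IndexCount,
    ReservedKB,
    DataSizeKB,
    IndexSizeKB,
    UnusedKB
FROM #DBTables

DROP TABLE #DBTables
DROP TABLE #TableInfo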
