I know this can be done in code (C#) by using WindowsIdentity, but is there a way to do this within the SP itself?
I tried using the USER function but it's returning dbo instead of the name. Is this because the user is the owner of the database? If that's so, how can I get the db owner's login name?
EDIT:
The application that executes the SP uses the sa user account, so if I use SYSTEM_USER, the returned value is sa.
SELECT SYSTEM_USER
Will return name of user which excecute code in SQL. More in this aricle
If SQL server service work from sa there is no way to get (windows) username from SQL Server side. I suppose it is security issue. Most information about connection to your SQL Server you may get from table sys.dm_exec_connections. There are stored IP addreses and port s and other useful things for existings connections.
Related
I wonder if it is possible to find out a Windows account details like user name that user used to connect to SQL server DB through Windows Authentication connection?
I have a table that has a UserName column and I would like to select the rows that have the UserName value the same as the login account name. Is it possible to write a stored procedure or function something like this
SELECT * from MyTable where MyTable.UserName =
Thank you
Use SYSTEM_USER:
"If the current user is logged in to SQL Server by using Windows Authentication, SYSTEM_USER returns the Windows login identification name in the form: DOMAIN\user_login_name. However, if the current user is logged in to SQL Server by using SQL Server Authentication, SYSTEM_USER returns the SQL Server login identification name, such as WillisJo for a user logged in as WillisJo."
The standard in our company is to log the user name that inserts or updates a record at the time the record is inserted or updated. We inset and update the tables calling stored procedures from applications. We use SUSER_SNAME() in the stored procedures to get the name. Now we've added inserting records in a table on a linked server. The SUSER_SNAME function not is returning the same login name as it does on the native database. Instead it is returning the name of the account created to link with. I know I can pass the user name as another parameter to the query, but it would be easier if there is a built-in function that works both when connected to the server directly, and when connecting to a linked server. Is there a built-in function that does this?
Stored procedure
INSERT INTO Account (ForeignKey, AccountNumber, IsProcessed,
Origin, Updated, LoginName, Total)
VALUES (#ForeignKey, #AccountNumber, #IsProcessed,
GETDATE(), NULL, SUSER_SNAME(), #Total)
RETURN SCOPE_IDENTITY()
No, there's no function to do this. When you create a linked server, the linked server "opens a connection" to the 2nd server. You, the user, have a connection to the 1st server. So when you run suser_sname() on the 1st server, you get your username that you are connected with. When you run it on the 2nd server, you STILL get the user name that you are using to connect to the second server. The difference is that the connection to the 2nd server is controlled by the administrator that configured the Linked Server. In your case, it sounds like he created a special account that is used for a linked server connection. Another option is to map accounts from the current server to accounts on the 2nd server. (If your DBA had done that, you might be getting the results that you want right now and not had any issues.) There are different ways to configure a linked server, and security should generally be a priority when doing so.
So, if you want to execute a query on the 2nd server and use your user name from the 1st server, then you need to pass it to the 2nd server, because it has no way of knowing who you are on a different machine.
Is there a function which returns the WINDOWS USER (NOT the database user!) within a procedure which is "EXECUTE AS OWNER" ?
Will ORIGINAL_LOGIN() do this, or does that only return the database user ?
Consider the following situation:
Windows Users "joe" and "anne" are part of a Active Directory Group, e.g. "PLANNERS"
The SQL Server Database has "PLANNERS" as Server Login and as Database User.
There is stored procedure WITH EXECUTE AS OWNER
Now, anne is logging into the SQL Database via Windows Authentification (so she is database user "PLANNERS"), and she calls the procedure. In this procedure, I want to retrieve the Windows User ("anne").
ORIGINAL_LOGIN() is the correct answer.
Just needed it again ;)
Thanks #deterministicfail
SQL Server Profiler shows NtUsername.
How do I see the NTusername in trigger?
I don't understand. SQL Server Profiler shows the Windows username. SUSER_NAME, SUSER_SNAME ORIGINAL_LOGIN, USER, USER_NAME shows the username of the SQL user account. I want what the Profiler is showing. There must be a way if the profiler can do it.
You use SUSER_SNAME(). Not SUSER_NAME(). Note the extra S
SUSER_SNAME returns the connection user (SQL Server 2000+)
SUSER_NAME gives the value of sys.server_principals.principal_id (SQL Server 2005+)
SUSER_NAME will give NULL for a Windows user who connects via a Windows Group, because only the Windows Group has an entry in sys.server_principals
Notes:
you have SUSER_ID and SUSER_SID at the SQL Server Instance level which are the opposite
at the database level, you have USER_NAME and DATABASE_PRINCIPAL_ID (USER_ID is deprecated)
A SQL login won't have an ntusername value in Profiler, because it isn't available
Since I could not find how to get the NTUsername, I used HOST_NAME() which gave me the user's machine name.
SUSER_NAME, SUSER_SNAME, ORIGINAL_LOGIN, USER, USER_NAME all gave me the SQL account username.
There is no correlation between the NTUserName unless the login is a Windows Authentication login. But because suser_name() is not returning what you want, I'm assuming that you are using SQL Server Authentication.
In which case, I don't believe you can do this.
It apears that the protocol used in your case was NamedPipes.
if NTUserName is not blank and in LoginName you have SQL Login – then it is SQL Authentication Over Named Pipes
-- see http://sqlbg.wordpress.com/2011/05/28/how-to-check-what-sql-server-network-protocol-is-used-by-connections/
I'm making a call to odbc32.dll (SQLBrowseConnect) to return a list of databases on a sql server.
From running a trace I can see the query being executed is
select name from master..sysdatabases where has_dbaccess(name)=1
If the credentials I pass aren't the sa user it returns just the system databases. Is there anyway I can use SQLBrowseConnect with another user (whose default database is also not guarenteed to be the master database) to return all databases on the server?
Also I want to avoid smo objects
The query does work without sysadmin credentials.
You need to ensure that you / the credentials you are using are at least in the public database role on each of the databases that you need to connect to.
As you would guess, select name from master..sysdatabases returns all database names irrespective of your access to the DB.