I need to make a list of all non-special user accounts retrieved from an SQL Server 2008 database. I can run this query:
SELECT * FROM sys.server_principals WHERE is_disabled <> 1 AND type = 'S';
But the result still includes principals such as sa.
Any idea how to do it?
Never mind, I think I got it:
SELECT * FROM sys.server_principals WHERE
is_disabled <> 1 AND
type = 'S' AND
IS_SRVROLEMEMBER('sysadmin', [name]) = 0
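An added example, not from the original poster, that takes another route to the same list: it excludes built-in logins by identity and reports fixed server role membership instead of filtering on it. It assumes sa is recognised by its fixed SID 0x01 (which survives a rename) and internal logins by the ##...## naming pattern.

```sql
-- Added example: enabled SQL-authenticated logins, built-in ones excluded,
-- with the fixed server roles each login belongs to (NULL = no role).
-- Uses only catalog views available on SQL Server 2008.
SELECT  sp.name,
        sp.create_date,
        sp.modify_date,
        roles.role_list
FROM    sys.server_principals AS sp
OUTER APPLY (
        -- Concatenate role names; FOR XML PATH is the pre-2017 idiom.
        SELECT STUFF((
            SELECT ', ' + r.name
            FROM   sys.server_role_members AS rm
            JOIN   sys.server_principals   AS r
                   ON r.principal_id = rm.role_principal_id
            WHERE  rm.member_principal_id = sp.principal_id
            ORDER BY r.name
            FOR XML PATH('')), 1, 2, '') AS role_list
        ) AS roles
WHERE   sp.type = 'S'              -- SQL logins only
  AND   sp.is_disabled = 0
  AND   sp.sid <> 0x01             -- sa, whatever it is currently named
  AND   sp.name NOT LIKE '##%##'   -- internal ##MS_...## logins
ORDER BY sp.name;
```

Logins that hold sysadmin stay in the result with the role shown, so ordinary accounts that were granted admin rights remain visible in the list.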
Related
Trying to build a query on Execute SQL Task Editor.
SELECT ? = CONVERT(VARCHAR(10), COUNT(DISTINCT Email))
FROM [xxx].[dbo].[DataTEST] AS D_Test INNER JOIN
[xxx].[dbo].[ListsTEST] AS L_Test ON D_Test.ListId = L_Test.Id
WHERE L_Test.[DataSent] = 0 AND Email IS NOT NULL
When building the Query I get the error:
Error in SELECT clause: 'expression near '='.
Missing FROM clause.
Unable to parse query text.
Do I need to use '?=' for this query? I'm only using that as I am emulating the .dtsx file that I am trying to diagnose/reverse engineer.
I've run the query without the ?= on SQL Management Studio and it gives me the data that I want, but I'm unsure whether running it without that will generate the same results.
Declare @output varchar(10) = '';
Select @output = count(Distinct Email)
From [xxx].[dbo].[DataTEST] AS D_Test
Inner Join [xxx].[dbo].[ListsTEST] AS L_Test ON D_Test.ListId = L_Test.Id
Where L_Test.[DataSent] = 0
And Email Is Not Null;
Set @output = ?;
NCSC has published a list of the 100.000 most used passwords, see 100K passwords
I wondered if any of my users had used one of these passwords, so I wrote a check, inspired by an idea from bp_check.
Am I doing it the correct way?
I had problems with Unicode, but that should have been solved by now.
Here is my code to run such a password check:
-- script to check if any of the passwords on your SQL Server is amongst the 100.000 most used passwords that Troy Hunt and NCSC released
-- see https://www.ncsc.gov.uk/blog-post/passwords-passwords-everywhere
--drop table dbo.PwnedPasswordTop100k
create table dbo.PwnedPasswordTop100k ( pw nvarchar(500) collate Latin1_General_CS_AS not null)
go
bulk insert dbo.PwnedPasswordTop100k
FROM 'c:\temp\PwnedPasswordTop100k.txt'
WITH
(
FIELDTERMINATOR = ',',
ROWTERMINATOR = '\n'
, codepage=65001
)
go
SELECT sl.name , ppt.pw
from sys.sql_logins sl
cross join dbo.PwnedPasswordTop100k ppt
where PWDCOMPARE(ppt.pw, sl.password_hash) = 1
union all
SELECT s.name, 'password is NULL' FROM sys.sql_logins s -- password is null (from idea from BP_Check http://aka.ms/BPCheck;)
where password_hash is null
AND exists(SELECT * FROM fn_my_permissions(NULL, 'SERVER') where permission_name='CONTROL SERVER')
and name NOT IN ('MSCRMSqlClrLogin','##MS_SmoExtendedSigningCertificate##','##MS_PolicySigningCertificate##','##MS_SQLResourceSigningCertificate##','##MS_SQLReplicationSigningCertificate##','##MS_SQLAuthenticatorCertificate##','##MS_AgentSigningCertificate##','##MS_SQLEnableSystemAssemblyLoadingUser##')
union all
SELECT s.name, s.Name FROM sys.sql_logins s -- password the same as login (from idea from BP_Check http://aka.ms/BPCheck;)
where PWDCOMPARE(s.name, s.password_hash) = 1
union all
select 'not SYSADM', 'You do not have CONTROL SERVER permissions, and cannot see any password_hashes'
where not exists(SELECT * FROM fn_my_permissions(NULL, 'SERVER') where permission_name='CONTROL SERVER')
--select top (10000) * from dbo.PwnedPasswordTop100k where pw like N'пїЅпїЅпїЅпїЅ'
begin try
drop table dbo.PwnedPasswordTop100k
end try
begin catch
end catch
The PwnedPasswordTop100k.txt file must be copied to c:\temp on the SQL Server, and the account that runs SQL Server must have access to the file. Alternatively, change the path to a place which the SQL Server can see.
Not everyone has access to a share that SQL Server can see. So I've also written a script with all the passwords:
Script with 100.000 passwords
It is a SELECT Statement that is 1500 kB. Quite big, but you can run it in SQL Server Management Studio.
My SQL Server can check about 6 users per minute, so the script is not very fast.
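A staged variant of the check above, added here as an example and not the original author's script: the cheap tests run first and the dictionary comparison only covers enabled logins that were not already flagged. It assumes dbo.PwnedPasswordTop100k (pw) is loaded as in the post and that the caller has CONTROL SERVER; #findings is a hypothetical temp table name.

```sql
-- Added example. Assumes dbo.PwnedPasswordTop100k (pw) already exists and is loaded.
IF OBJECT_ID('tempdb..#findings') IS NOT NULL DROP TABLE #findings;
CREATE TABLE #findings (principal_id int NOT NULL, finding nvarchar(60) NOT NULL);

-- Stage 1: cheap checks, at most two PWDCOMPARE calls per login.
INSERT INTO #findings (principal_id, finding)
SELECT sl.principal_id,
       CASE WHEN sl.password_hash IS NULL              THEN N'password hash is NULL'
            WHEN PWDCOMPARE(N'', sl.password_hash) = 1 THEN N'blank password'
            ELSE N'password equals login name' END
FROM   sys.sql_logins AS sl
WHERE  sl.is_disabled = 0
  AND  sl.name NOT LIKE '##%##'
  AND  (   sl.password_hash IS NULL
        OR PWDCOMPARE(N'', sl.password_hash) = 1
        OR PWDCOMPARE(sl.name, sl.password_hash) = 1);

-- Stage 2: dictionary comparison, skipping disabled and already-flagged logins.
-- EXISTS lets the engine stop at the first matching list entry for a login.
INSERT INTO #findings (principal_id, finding)
SELECT sl.principal_id, N'password is in the top-100k list'
FROM   sys.sql_logins AS sl
WHERE  sl.is_disabled = 0
  AND  sl.name NOT LIKE '##%##'
  AND  NOT EXISTS (SELECT 1 FROM #findings AS f
                   WHERE f.principal_id = sl.principal_id)
  AND  EXISTS (SELECT 1 FROM dbo.PwnedPasswordTop100k AS ppt
               WHERE PWDCOMPARE(ppt.pw, sl.password_hash) = 1);

-- Report the login and the finding, not the matched password, together
-- with the policy settings that decide what to fix on each login.
SELECT sl.name,
       f.finding,
       sl.is_policy_checked,
       sl.is_expiration_checked,
       LOGINPROPERTY(sl.name, 'PasswordLastSetTime') AS password_last_set
FROM   #findings AS f
JOIN   sys.sql_logins AS sl ON sl.principal_id = f.principal_id
ORDER BY sl.name;

DROP TABLE #findings;
```

Keeping the matched password out of the result set means the audit output can be shared or ticketed without carrying working credentials.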
IF EXISTS (SELECT 1 FROM Master..SysDatabases WHERE [name] = 'abcd')
BEGIN
TRUNCATE TABLE abcd.dbo.ascf
END
As one of the workarounds:
IF EXISTS (SELECT 1 FROM Master..SysDatabases WHERE [name] = 'abcd')
BEGIN
EXEC ('TRUNCATE TABLE abcd.dbo.ascf')
END
Lowering the compatibility level to SQL 2008 - SQL 2014 will not help.
How to find last database users date and time sql server 2008 r2?
You can try this:
SELECT accdate, name FROM master.dbo.syslogins
or use
select max (login_time), login_name
from sys.dm_exec_sessions
group by login_name;
You could set up a so-called logon trigger.
Example:
USE master;
GO
CREATE LOGIN login_test WITH PASSWORD = '3KHJ6dhx(0xVYsdf' MUST_CHANGE,
CHECK_EXPIRATION = ON;
GO
GRANT VIEW SERVER STATE TO login_test;
GO
CREATE TRIGGER connection_limit_trigger
ON ALL SERVER WITH EXECUTE AS 'login_test'
FOR LOGON
AS
BEGIN
IF ORIGINAL_LOGIN()= 'login_test' AND
(SELECT COUNT(*) FROM sys.dm_exec_sessions
WHERE is_user_process = 1 AND
original_login_name = 'login_test') > 3
ROLLBACK;
END;
Example taken from https://msdn.microsoft.com/en-us/library/bb326598(v=sql.105).aspx
How can we find a particular stored procedure? I need to find a stored procedure, but I don't know which database it is in. Can somebody please help with a script?
Thanks
One way by using the ANSI information_schema.routines view, change ProcNameHere to the name you want
select * from information_schema.routines
where routine_type = 'PROCEDURE'
and specific_name = 'ProcNameHere'
Which database server? With MS SQL Server, you can use sp_help 'procname'.
If it is Sql Server 2005 you can use
SELECT * FROM Sys.Objects where Name = 'YOUR_NAME_HERE' AND type = 'P'
It will tell you if the procedure is in a particular database.
Which SQL? SQL 2k/2k5/2k8 has Management Studio, which lets you browse. Expand Databases/Database/Programmability/Stored Procedures
Replace text to search for with your string and this will search all databases on your server.
exec sp_MSforeachdb 'SELECT db=''?'', [type], [name], [text] FROM [?]..sysobjects a inner join [?]..syscomments b on a.id = b.id where text like ''%Text to search for%'' order by [name], [number]', '?'