Is there a default report in Sql Server that will output the permissions/securables history for given user or login? If not, does anyone know how to craft such a query? We had an incident recently where a user mysteriously lost insert permissions on a table, and we'd like to find out exactly what caused it.
The only way to figure this out is to read transaction log that stores details on each transaction. If your database was in full recovery mode then the info is somewhere in there.
Unfortunately you can’t do this using standard tools because MS doesn’t support this.
You can either get yourself a commercial log reader or try to hack this using undocumented commands like fn_dblog.
Check these out for more details
Read the log file (*.LDF) in sql server 2008
SQL Server Transaction Log Explorer/Analyzer
How to view transaction logs in sql server 2008
Here is a query for finding the permissions on a database. We have been using a variant of this query to copy permissions from one table to another table.
select *
FROM sys.database_permissions AS dp
INNER JOIN sys.objects AS o ON dp.major_id=o.object_id
INNER JOIN sys.schemas AS s ON o.schema_id = s.schema_id
INNER JOIN sys.database_principals AS dpr ON dp.grantee_principal_id=dpr.principal_id
Related
Just for curiosity, can anyone tell me would I cause any issue to the Oracle database if I manually stop running a query (select statement) by processing the red button in Oracle SQL Developer like below, assuming that the query is a very heavy loading query normally takes over a few minutes to run.
The query is just a very normal select statement like following:
-- Getting 3 years worth of data from a busy Production DB
select
<something>
from
Table1#ProductionDB T1
left join Table2#ProductionDB T2 on
T2.colA = T1.ColA
left join Table3#ProductionDB T3 on
T3.Col1B = T2.ColB
where
T3.date between to_date('01-JAN-2017','dd-MON-YYYY') and to_date('01-JAN-2020','dd-MON-YYYY')
The Remote DB is a busy production DB that connected to thousand clients and have in/out communication every sec to the database through an application server. Would it cause any issues to Oracle such as, Oracle memory management or others, to the remote database if the user terminated the query manually from Oracle SQL Developer.
Thanks in advance!
I presume that the remote DB will be relieved as certain resources wouldn't be needed any more.
Though, as you didn't post entire query, just asking: if those tables are accessed via database link, did you try to use the driving_site hint? Perhaps it'll help the query to execute faster. Something like
select /*+ driving_site (t1) */
<something>
from ...
I have a query that currently runs successfully on SQL Server Management Studio, gathering information from 2 databases on the SQL server where I run the query, and one database on a linked SQL Server. The query has this structure:
SELECT TOP 10
DB1.id_number as BLN,
DB1.field1,
DB2.field2,
DB3.field3
FROM
LinkedServer.database1.dbo.table1 DB1
INNER JOIN
database2.dbo.table2 DB2 ON DB1.id_number = DB2.id_number
INNER JOIN
database3.dbo.table3 DB3 ON DB3.id_number2 = DB1.id_number2
WHERE
DB1.id_number IS NOT NULL
AND DB1.field1 IS NOT NULL
How can I run this same query from a .Net application? I am looking for a solution that doesn't require saving a View on the database.
In whatever solution you propose, please detail connection strings and security issues.
Thank you.
You can run the query using SqlCommand. Although doing it with an ORM may be a little tricky, if it even can be done.
I have been tasked with ensuring our databases in SQL Server 2016 are providing "encryption at rest" does anyone have a step by step guide with regards how I go about this? (20+ dbs in place some large)
I have ran script below and it says is_encrypted = 0. all the other values are NULL. So I am guessing nothing is encrypted?
SELECT
db.name,
db.is_encrypted,
dm.encryption_state,
dm.percent_complete,
dm.key_algorithm,
dm.key_length
FROM
sys.databases db
LEFT OUTER JOIN sys.dm_database_encryption_keys dm
ON db.database_id = dm.database_id;
I am querying a linked Oracle server from a local SQL Server instance using openquery. The issue is that I want to limit the results returned based on a table in the local DB (about 10k rows) while executing in the linked instance. Normally I would do it the other way around and do something like:
SELECT *
FROM OPENQUERY(DBlinked, 'SELECT…') link_serv
INNER JOIN localdb.table1 local_1
ON local_1.column_1 = link_serv.column_1
but because of the size of the linked tables being hit during the openquery (multiple tables with 100’s millions of rows) executing against the entire dataset then sub-setting locally with a join isn’t a good idea.
I’ve tried to reference back to the local server inside openquery but since the table is located on the local file it won't find the table, and I do not have write permission on the linked server so moving the local table over to the linked server would be problematic.
Any guidance on how to limit the results prior to all the joins would be appreciated. Using openquery is not a requirement -- its just the only elegant solution I've found for dealing with resource intensive queries against large linked tables.
Essentially what I’m trying to do is
SELECT * FROM OPENQUERY(oracleDB, '
SELECT *
FROM dbo.table1 Ot
INNER JOIN Local_SQLServ.DB1.DBO.Table1 St
ON St.Column1 = Ot.column1’)
I have a few SQL Server databases (all in one server), containing their own set of users. Now I'm trying to design a small application that would query those users and then display them in a report (TBD). I've looked over online how to do this, however I didn't find any. Is it possible in SQL Server to retrieve all the users of a database? If so, how?
On SQL Server 2005 and up:
connect to that specific database you're interested in
USE Databasename
execute this query
SELECT * FROM sys.database_principals
That gives you a slew of information on all users defined in the database
See the MSDN documentation for a detailed explanation of all rows returned from that view.