The SQL Swiss Army Knife #1 – Scripting Securables – Updated


EDIT (11-01-2013):  Fixed issue with generating all logins even when single database was chosen.
EDIT (17-05-2015): Fixed duplicate permissions scripted with Procedures/Functions/CLR; Extended object coverage.

Hello all,

I’ve recently joined the PFE team in Portugal, and one part of the job i like is giving something back to the community.
Whenever possible, i will be focusing my posts on SQL scripts that may help on everyday DBA tasks, something in the likes of a “SQL Swiss Army Knife”.
According to BOL, SQL securables “are the resources to which the SQL Server Database Engine authorization system regulates access”.

I’ve been using the following script as a “local machine” bit of a wider DR strategy for years, because you never know when you need to quickly review or restore permissions over scopes when they got “accidently” changed or deleted.
Its output may simply be saved onto a .sql file and will resemble this:

usp_SecurCreation

So, for my first post on Ezequiel, here is the script which I hope some of you will find useful.

These are the options available:

  • All users:
    EXEC usp_SecurCreation
  • One user, All DBs:
    EXEC usp_SecurCreation ‘<User>’
  • One user, One DB:
    EXEC usp_SecurCreation ‘<User>’, ‘<DBName>’
  • All users, One DB:
    EXEC usp_SecurCreation NULL, ‘<DBName>’

Download here: usp_SecurCreation.sql

Until next time!

Disclaimer: I hope that the information on these pages is valuable to you. Your use of the information contained in these pages, however, is at your sole risk. All information on these pages is provided “as -is”, without any warranty, whether express or implied, of its accuracy, completeness, fitness for a particular purpose, title or non-infringement, and none of the third-party products or information mentioned in the work are authored, recommended, supported or guaranteed by Ezequiel. Further, Ezequiel shall not be liable for any damages you may sustain by using this information, whether direct, indirect, special, incidental or consequential, even if it has been advised of the possibility of such damages.

Comments (8)

  1. Ignacio Quijas says:

    Hi Pedro,

    I ran the script but it wrongly assigns EXECUTE permissions to views defined with the Select attribute. It processes views as if they were stored procedures :-O

    Regards

  2. pmasl says:

    Thanks Ignacio,

    It's fixed now. Please try it and give some more feedback.

    Cheers

    PL

  3. Franjo Stipanovic fritzfs says:

    I've used it today. Thanks! 🙂

  4. srk says:

    awesome…can we also get permission at table level ?

  5. Just Poland Guy says:

    You just saved few hours of my life!

    Thanks!!!

  6. Ajith Bhojani says:

    Hi thanks for the script. Unfortunately it did not script the views permissions.

  7. Misci says:

    Thumb up!