Sometimes I'm in a position where I have to restore a production database to a development server, but there are a whole bunch of logins (belonging to developers) that don't exist in production which do on the development instance that need adding to a role so they can perform DML.
A way to get around this is to create a separate database and table on the development server which has a list of the logins and the roles they need to be added to and add a piece of TSQL similar to that below to the database restore job which adds the logins to the correct role:
A way to get around this is to create a separate database and table on the development server which has a list of the logins and the roles they need to be added to and add a piece of TSQL similar to that below to the database restore job which adds the logins to the correct role:
--------------------------------
-- Create the database
--------------------------------
CREATE DATABASE UserManagement CONTAINMENT
= NONE ON PRIMARY (
NAME = N'UserManagement'
,FILENAME = N'C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\DATA\UserManagement.mdf'
,SIZE = 5120 KB
,FILEGROWTH = 1024 KB
) LOG ON (
NAME = N'UserManagement_log'
,FILENAME = N'C:\Program Files\Microsoft SQL
Server\MSSQL11.MSSQLSERVER\MSSQL\DATA\UserManagement_log.ldf'
,SIZE = 1024 KB
,FILEGROWTH = 10 %
)
GO
--------------------------------`
-- Create database to hold the usernames we will give permissions
to
--------------------------------
USE UserManagement;
GO
CREATE TABLE LoginsToAdd (
UserName VARCHAR(50)
,RoleName VARCHAR(50)
,DBName VARCHAR(20)
)
--------------------------
-- Add the user accounts and the roles they need to the databases.
-- NB The logins need to exist already
--------------------------
USE UserManagement;
GO
INSERT LoginsToAdd(UserName, RoleName, DBName)
SELECT 'LSMith','db_datareader','DB1'
UNION ALL
SELECT 'JJones','db_datareader','DB1'
UNION ALL
SELECT 'FPatel','db_datareader','DB1'
UNION ALL
SELECT 'SDeSouza','db_datareader','DB1'
UNION ALL
SELECT 'PHewson','db_datareader','DB1'
UNION ALL
SELECT 'SBaldry','db_datareader','DB1'
UNION ALL
SELECT 'KCarrington','db_datareader','DB1'
--------------------------------
-- Create logins using a cursor
--------------------------------
PRINT 'Updating users/logins
for DB1 database'
DECLARE @UserCommand VARCHAR(512)
,@UserName VARCHAR(255)
,@RoleName VARCHAR(255)
DECLARE UserCursor CURSOR
FOR
SELECT UserName
,RoleName
FROM LoginsToAdd
WHERE DBName = 'DB1'
OPEN UserCursor
FETCH UserCursor
INTO @UserName
,@RoleName
WHILE 0 = @@fetch_status
BEGIN
PRINT '--> Adding user ' +
@UserName + ' to role ' + @RoleName
SET @UserCommand = 'USE [DB1];
IF EXISTS (SELECT * FROM
sys.database_principals WHERE name = N''' +
@UserName + ''')
DROP USER [' + @UserName + '];
CREATE USER [' + @UserName + '] FOR LOGIN [' + @UserName + '];
ALTER USER [' + @UserName + '] WITH DEFAULT_SCHEMA=[dbo];
EXEC sp_addrolemember N''' +
@RoleName + ''', N''' + @UserName + ''';'
EXECUTE (@UserCommand)
FETCH UserCursor
INTO @UserName
,@RoleName
END
CLOSE UserCursor
DEALLOCATE UserCursor
Comments
Post a Comment