Skip to main content

How to add multiple logins to a role

Sometimes I'm in a position where I have to restore a production database to a development server, but there are a whole bunch of logins (belonging to developers) that don't exist in production which do on the development instance that need adding to a role so they can perform DML.

A way to get around this is to create a separate database and table on the development server which has a list of the logins and the roles they need to be added to and add a piece of TSQL similar to that below to the database restore job which adds the logins to the correct role: 

-- Create the database
       NAME = N'UserManagement'
       ,FILENAME = N'C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\DATA\UserManagement.mdf'
       ,SIZE = 5120 KB
       ,FILEGROWTH = 1024 KB
       ) LOG ON (
       NAME = N'UserManagement_log'
       ,FILENAME = N'C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\DATA\UserManagement_log.ldf'
       ,SIZE = 1024 KB
       ,FILEGROWTH = 10 %
-- Create database to hold the usernames we will give permissions to
USE UserManagement;

       UserName VARCHAR(50)
       ,RoleName VARCHAR(50)
       ,DBName VARCHAR(20)
-- Add the user accounts and the roles they need to the databases.
-- NB The logins need to exist already
USE UserManagement;

INSERT LoginsToAdd(UserName, RoleName, DBName)
SELECT 'LSMith','db_datareader','DB1'
SELECT 'JJones','db_datareader','DB1'
SELECT 'FPatel','db_datareader','DB1'
SELECT 'SDeSouza','db_datareader','DB1'
SELECT 'PHewson','db_datareader','DB1'
SELECT 'SBaldry','db_datareader','DB1'
SELECT 'KCarrington','db_datareader','DB1'
-- Create logins using a cursor
PRINT 'Updating users/logins for DB1 database'

DECLARE @UserCommand VARCHAR(512)
       ,@UserName VARCHAR(255)
       ,@RoleName VARCHAR(255)

FROM LoginsToAdd
WHERE DBName = 'DB1'

OPEN UserCursor

FETCH UserCursor
INTO @UserName

WHILE 0 = @@fetch_status
       PRINT '--> Adding user ' + @UserName + ' to role ' + @RoleName

       SET @UserCommand = 'USE [DB1];
IF  EXISTS (SELECT * FROM sys.database_principals WHERE name = N''' + @UserName + ''')
DROP USER [' + @UserName + '];
CREATE USER [' + @UserName + '] FOR LOGIN [' + @UserName + '];

ALTER USER [' + @UserName + '] WITH DEFAULT_SCHEMA=[dbo];

EXEC sp_addrolemember N''' + @RoleName + ''', N''' + @UserName + ''';'

       EXECUTE (@UserCommand)

       FETCH UserCursor
       INTO @UserName

CLOSE UserCursor



Popular posts from this blog

How to move the Microsoft Assessment and Planning Toolkit (MAP) database to a different drive

The Microsoft Assessment and Planning Toolkit (MAP) is a very useful tool for scanning your network to find instances of SQL Server plus all manner of detailed information about the installed product, OS and hardware it sits on.

<Click image to enbiggen>
There is an issue with it the database it uses to store the data it collects, however. Assuming you don't have an instance called MAPS on your server, the product will install using LocalDB (a cut down version of SQL Server Express) and puts the databases on your C: drive. If you then scan a large network you could easily expand the database to 10GB which may cause issues on a server when that drive is often one of the smallest. However, there is a simple solution: connect to LocalDB using Management Studio, detach the databases, move to a different drive, set permissions on the new location if required and reattach the database. How do you connect to LocalDB? Here you go:

Connect to (localdb)\MAPTOOLKIT

The databases I move…

SAN performance testing using SQLIO

This document describes how to use Microsoft’s SQLIO to test disk/SAN performance. It is biased towards SQL Server – which uses primarily 64KB and 8KB data pages so I am running the tests using those cluster sizes, however, other sizes can be specified.  Download SQLIO from SQLIO is a command line tool with no GUI so you need to open a command prompt at C:\Program Files (x86)\SQLIO after you have installed it. Configuration First of all edit param.txt so that you create the test file we will be using. The file needs to be bigger than the combined RAID and on-board disk caches. In this case we are using a 50GB file.
The “2” refers to the number of threads to use when testing, you don’t need to change this now. The “0x0” value indicates that all CPUs should be used, which you probably don’t want to change either, “#” is a comment. The only part you may want to change is 51200 (50GB) and the drive letter. After …

SSIS Job fails when it calls Excel via the SQL Agent but succeeds from SSDT

If you have an SSIS package which fails when run on a schedule but succeeds when executed interactively in Visual Studio/BIDS/SSDT, it may produce an error like this:
Executed as user: DOMAIN\user. Microsoft (R) SQL Server Execute Package Utility  Version 12.0.4100.1 for 64-bit  Copyright (C) Microsoft Corporation. All rights reserved.    Started:  10:52:25  Error: 2017-02-06 10:52:26.26     Code: 0x00000001     Source: Open Spreadsheet and Run Macro      Description: Exception has been thrown by the target of an invocation.  End Error  DTExec: The package execution returned DTSER_FAILURE (1).  Started:  10:52:25  Finished: 10:52:26  Elapsed:  0.485 seconds.  The package execution failed.  The step failed.
The issue is a type of permissions error. Excel needs to have its permissions changed via the DCOM applet in Control Panel. By default it is on “The launching user.” This needs to be changed to a user with more permissions, in this case we have used the service account used by SQL A…