Skip to main content

How to fix all orphaned SQL Logins



If you do lots of database restores from one server to another you may often come across server logins becoming "orphaned" from their associated database users. There is an easy fix for this by using sp_change_users_login but what if there are multiple logins that have become orphaned?

The cursor below should fix them all for you:

-----------------------------------------
-- Auto fix all orphaned user accounts
-----------------------------------------
DECLARE @SQL VARCHAR(MAX) 
SET @SQL =
       'DECLARE @userVar VARCHAR(30)
              DECLARE users CURSOR
              FOR
              SELECT NAME
              FROM sys.database_principals
              WHERE type = ''s''
                     AND NAME NOT IN (
                           ''guest''
                           ,''sys''
                           ,''INFORMATION_SCHEMA''
                           ,''dbo''
                           )     
              OPEN users   
              FETCH NEXT
              FROM users
              INTO @userVar 
              WHILE @@FETCH_STATUS = 0
              BEGIN
                     EXEC sp_change_users_login ''auto_fix''
                           ,@userVar
                     FETCH NEXT
                     FROM users
                     INTO @userVar
              END   
              CLOSE users
              DEALLOCATE users'

EXEC(@SQL)

[This piece of code is ideal for a Snippet]

Comments

Popular posts from this blog

How to create a custom Windows Event Log view and email trigger

The filtering on Windows event logs can be slow, clunky and although you can do it on fields like event ID, it seems that many event IDs are shared amongst many different errors – the event ID may match but the body of the error (therefore the actual error) may be completely unrelated. Fortunately, it is possible to filter on the contents of the body of the error message but it requires creating a custom XML query. Also, it would be handy to send out a notification email when this event gets logged. Read on to find out how to work this magic…. This example is looking for a  Warning  event  1309  for  ASP.NET 4.0.30319.0  on a web server. If you were to just filter the log on the criteria above today it would return 435 results because it is a fairly general error ID. If I filter it using XML for SqlException (what I’m really interested in) only 5 results are returned. So the first step is go to the Application Log and choose  Create Custom View…  Select the  XML  tab, check  Edit

How to configure the SSAS service to use a Domain Account

NB Updating SPNs in AD is not for the faint hearted plus I got inconsistent results from different servers. Do so at your own risk! If you need the SSAS account on a SQL Server to use a domain account rather than the local “virtual” account “NT Service\MSSQLServerOLAPService”. You may think you just give the account login permissions to the server, perhaps give it sysadmin SQL permissions too. However, if you try and connect to SSAS  remotely  you may get this error: Authentication failed. (Microsoft.AnalysisService.AdomdClient) The target principal name is incorrect (Microsoft.AnalysisService.AdomdClient) From Microsoft: “A Service Principle Name (SPN) uniquely identifies a service instance in an Active Directory domain when Kerberos is used to mutually authenticate client and service identities. An SPN is associated with the logon account under which the service instance runs. For client applications connecting to Analysis Services via Kerberos authentication, th

Fun and games with the Management Data Warehouse (MDW and Data Collectors)

The SQL Server Management Data Warehouse (when you first come across it) seems to promise so much if the verbiage from Microsoft and some other websites is to to believed. But when you install it you may find that it is not as useful as it could be. This is a shame but we are currently only on v2 of the product with SQL 2012 so one hopes it will improve in subsequent versions. However, it probably is worth playing with if you have never used it before - at least you can show your boss some reports on general server health when he asks for it and you have nothing else in place. There is one big problem with it though if you decide that you don't want to use it any more, uninstalling it is not supported! Mad, I know. But as usual some very helpful people in the community have worked out, what seems to me, a pretty safe way of doing it. I had a problem with my MDW. The data collector jobs were causing a lot of deadlocking on some production servers and impacting performance. I