1. CREATE SQL Logins
SELECT
'EXEC master..sp_addsrvrolemember @loginame = N''' + SL.name + ''', @rolename = N''' + SR.name + ''';
' AS [-- Roles To Be Assigned --]
FROM master.sys.server_role_members SRM
INNER JOIN master.sys.server_principals SR ON SR.principal_id = SRM.role_principal_id
JOIN master.sys.server_principals SL ON SL.principal_id = SRM.member_principal_id
WHERE SL.type IN ('S','G','U')
AND SL.name NOT LIKE '##%##'
AND SL.name NOT LIKE 'NT AUTHORITY%'
AND SL.name NOT LIKE 'NT SERVICE%'
AND SL.name <> ('sa')
AND SL.name <> 'distributor_admin';
2. Assign Server role to the login
Declare @sel_perm nvarchar(1000) = 'USE ?;
SELECT ''USE ''+ DB_NAME()+''; ''+CASE WHEN dp.state <> ''W'' THEN dp.state_desc ELSE ''GRANT'' END +'' '' +
dp.permission_name + '' TO '' + QUOTENAME(dpg.name) COLLATE database_default +
CASE WHEN dp.state <> ''W'' THEN '''' ELSE '' WITH GRANT OPTION'' END +'';'' AS [-- Permission To Be Assign to the User --]
FROM sys.database_permissions AS dp
INNER JOIN sys.database_principals AS dpg ON dp.grantee_principal_id = dpg.principal_id
WHERE dp.major_id = 0 AND dpg.principal_id > 4
AND (dpg.type in (''S'',''G'',''U''))
AND dpg.name NOT LIKE ''##%##''
AND dpg.name NOT LIKE ''NT AUTHORITY%''
AND dpg.name NOT LIKE ''NT SERVICE%''
AND dpg.name <> (''sa'')
AND dpg.default_schema_name IS NOT NULL
AND dpg.name <> ''distributor_admin''
AND dpg.principal_id > 4
ORDER BY dpg.name';
exec sp_MSforeachdb @command1 = @sel_perm;
No comments:
Post a Comment