Tuesday, 21 February 2017

Quick Tips:- Add SQL User/Rolemember to all Databases in SQL Server

Most of times when you have dedicated SQL Server for an Application clients come up with a request to add a user to all databases in the SQL Server with certain permission, while its east to do it via SSMS for if the system has only couple of databases but imagine your SQL instance have hundreds of databases then scripting is the way to go, I have assumed the login name is ‘Test’ client has request db_datareader and db_datawriter permission for our example blog,

There are 2 ways I am going to accomplish this one using TSQL and another using Powershell.

TSQL:-
--Add User
EXEC sp_MSforeachdb 'USE ?;CREATE USER Test FOR LOGIN Test'
GO
--Add Role member
EXEC sp_MSforeachdb 'USE ?;ALTER ROLE db_datareader ADD MEMBER Test'
GO
--Add Role member
EXEC sp_MSforeachdb 'USE ?;ALTER ROLE db_datawriter ADD MEMBER Test'

Powershell:-

Clear-Host

Import-Module SQLPS -DisableNameChecking -ErrorAction SilentlyContinue
$srv=New-Object "Microsoft.SqlServer.Management.Smo.Server" "1MKBG12"
$dbs = $srv.databases


$loginname = 'Test' ##########Provide Login name to check#############


$chkloginflag = $null
$chkloginflag = $srv.Logins|where {$_.name -eq 'Test3'}
if($chkloginflag -eq $null -or $chkloginflag -eq '')
{
      $login = New-Object ('Microsoft.SqlServer.Management.Smo.Login') ($srv, $loginname)
      $login.LoginType = 'SqlLogin' #https://msdn.microsoft.com/en-us/library/microsoft.sqlserver.management.smo.logintype.aspx
      $login.PasswordExpirationEnabled = $false
      $Login.PasswordPolicyEnforced = $false
      $login.Create("test")

      forEach($db in $dbs)
      {
            $usr = New-Object ('Microsoft.SqlServer.Management.Smo.User') ($db, $loginname)
            $usr.create()
            $usr.AddToRole("db_datareader")
            $usr.AddToRole("db_datawriter")
      }
}


The above PowerShell script also creates a Login if it does not exist then creates the SQL user in all databases with reader and writer roles. I have written a simple script assuming the Login to be SQL Authentication. You can tweak the $Login object to create Windows User/Group Login.







at

3 comments:

  1. William Smith4 April 2024 at 06:36

    OMG! This article has really been a salvation of life. SQL user role, though, has tangled me many a time, aiding me in mastery of matters was this outlined procedure. I appreciate the clarity of the instructions procedure as well as the brevity; this spares me from wading through a single page to read work. It's a thing of the past because the response is an obvious no-brainer! Many thanks for a precious secret shared!

    ReplyDelete
  2. Faisal27 July 2024 at 02:06

    Go ahead and implement these quick tips for adding SQL users to all databases! This detailed guide using TSQL and PowerShell is a game-changer, especially for complex systems. It's as insightful as advice from a global macro thesis expert!

    ReplyDelete
  3. Harold29 July 2024 at 00:05

    This is incredibly useful! Managing user permissions across multiple databases can be a daunting task, especially when dealing with numerous databases. Your TSQL and PowerShell scripts make it so much easier. As someone interested in the efficiency of top systems, like the largest vc firms in Pakistan, I truly appreciate streamlined solutions like this. Go ahead!

    ReplyDelete

Subscribe to: Post Comments (Atom)