Blogs
Welcome to EMC Consulting Blogs Sign in | Join | Help

Welcome to EMC Consulting Blogs

SSIS Junkie

SQL Server 2005: View all permissions

Today I was asked how one can query the server to list out all permissions that a principal has on all the securables in a SQL Server database. After 10 mins of searching through BOL I came up with the following that seems to work quite well:

    1 select dp.NAME AS principal_name,

    2         dp.type_desc AS principal_type_desc,

    3         o.NAME AS object_name,

    4         p.permission_name,

    5         p.state_desc AS permission_state_desc

    6 from    sys.database_permissions p

    7 left    OUTER JOIN sys.all_objects o

    8 on     p.major_id = o.OBJECT_ID

    9 inner   JOIN sys.database_principals dp

   10 on     p.grantee_principal_id = dp.principal_id

Here's the results:

I'm only putting it here cos I figure this'll be useful one day! Whether its useful to me or someone else is a different matter!! Note that this only works on SQL Server 2005, not on earlier versions.

-Jamie

 

UPDATE: I've posted a newer, better, version of this here: http://blogs.conchango.com/jamiethomson/archive/2007/02/09/SQL-Server-2005_3A00_-View-all-permissions--_2800_2_2900_.aspx 

Published 09 February 2007 00:38 by jamie.thomson

Comments

 

Jason Haley said:

February 9, 2007 04:20
 

SSIS Junkie said:

Two days ago I posted a blog entry here that showed how the following SQL statement: 1 select dp.NAME

February 10, 2007 01:09
 

Venu said:

this query is very very useful . Thanks a lot

April 17, 2007 11:10
 

Steve said:

The query listed was 95% of what I was looking for. A few tweeks and I should have exactly what I need - thanks!!!!!!

July 12, 2007 18:56
 

jamie.thomson said:

Hi Steve,

What else did you need? If its something useful I might add it to this.

Thanks

Jamie

July 12, 2007 19:26
 

Marianne said:

I love it! THanks

November 15, 2007 13:38
 

John said:

Jamie, thanks heaps

February 27, 2008 02:47
 

Curt said:

I can't speak for Steve, but the one thing I added was the o.TYPE column, so I could sort by object type (view, fn, etc).

Why is it that when I try to view a user's securables in management studio (user properties), it's blank, even though your query brings back results for that user?  Is it something I'm not doing right in Mgmt Studio?

April 7, 2008 22:29
 

vivekananda said:

Hi, I want to write the contents of a varchar variable to an sql file I am using this variable in a stored proc.

So, How to do this?

In simple words, As soon as I execute the stored proc it should create an sql file which contains the contents of that variable.

May 2, 2008 14:08
New Comments to this post are disabled

This Blog

Syndication
EMC2, EMC, and where information lives are registered trademarks of EMC Corporation.
All other trademarks used herein are the property of their respective owners.                  
© Copyright 2009 EMC Corporation. All rights reserved.                                                    
Powered by Community Server (Personal Edition), by Telligent Systems