在 SQL Server 2005 中生成数据库角色成员身份的脚本

发布于 2024-09-10 08:28:29 字数 232 浏览 13 评论 0原文

我有一个数据库,里面有很多用户。这些用户属于数据库中不同的内置角色(例如db_ddladmin)。

我想生成一个脚本,该脚本创建具有相同角色分配的相同用户以在不同的数据库中使用。 SQL Management Studio 似乎只为用户定义的角色生成 sp_addrolemember 调用,而不是内置角色。有什么办法让它编写所有角色吗?

也许还有其他更好的工具可以从现有数据库生成数据库脚本(最好但不一定是免费的)?

I have a database with a lot of users in it. Those users belong to different built-in roles in the DB (eg db_ddladmin).

I want to generate a script that creates those same users with the same role assignments to use in a different database. SQL Management Studio seems to only generate sp_addrolemember calls for user-defined roles, not the build-in ones. Is there any way to make it script all roles?

Perhaps there is any other, better tool for generating database scripts from an existing database (preferably, but not necessarily, free)?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

最丧也最甜 2024-09-17 08:28:29

有关数据库用户及其分配的角色的信息在系统视图中提供
sys.database_principals 和 sys.database_role_members。使用这些查询查看此数据:

select * from sys.database_principals
select * from sys.database_role_members

我假设您在数据库 A 中配置了数据库用户和角色,并且希望将它们复制到数据库 B。要在目标数据库中创建用户:

  • 在数据库 A 中运行以下查询
  • ,在数据库 B 中粘贴、查看并运行生成的脚本

SELECT 'CREATE USER [' + name + '] for login [' + name + ']'
 from sys.database_principals
 where Type = 'U'
  and name <> 'dbo'

要将 B 中的新用户配置为与 A 中的角色相同的角色:

  • 在数据库 A 中运行以下查询
  • 剪切、粘贴、查看并在数据库 B 中运行生成的脚本

SELECT 'EXECUTE sp_addrolemember ''' + roles.name + ''', ''' + users.name + ''''
 from sys.database_principals users
  inner join sys.database_role_members link
   on link.member_principal_id = users.principal_id
  inner join sys.database_principals roles
   on roles.principal_id = link.role_principal_id

始终查看这些脚本。可能会出现例外或特殊情况,而您只是不想破坏安全性。

如果新数据库位于不同的 SQL Server 实例上,您必须首先创建 SQL 登录名。如果您有用户定义的角色,
您需要先重新创建它们。 (分配给他们的角色和权限非常是开放式的,我不想处于需要这样做的情况!)

Information about a database's users and the roles they are assigned to are made available in system views
sys.database_principals and sys.database_role_members. Review this data with these queries:

select * from sys.database_principals
select * from sys.database_role_members

I'll assume you have database users and roles configured in database A, and you want them copied over to database B. To create the users in the target database:

  • Run the following query in database A
  • Cut, paste, REVIEW, and run the resulting script in database B

.

SELECT 'CREATE USER [' + name + '] for login [' + name + ']'
 from sys.database_principals
 where Type = 'U'
  and name <> 'dbo'

To configure the new users in B with the same roles as they have in A:

  • Run the following query in database A
  • Cut, paste, REVIEW, and run the resulting script in database B

.

SELECT 'EXECUTE sp_addrolemember ''' + roles.name + ''', ''' + users.name + ''''
 from sys.database_principals users
  inner join sys.database_role_members link
   on link.member_principal_id = users.principal_id
  inner join sys.database_principals roles
   on roles.principal_id = link.role_principal_id

Always review these scripts. There may be exceptions or special cases going on, and you just don't want to mess up security.

If the new database is on a different SQL Server instance, you will have to create the SQL logins first. If you have user-defined roles,
you will need to recreate them first. (Roles and the permissions assigned to them are very open-ended, and I don't ever want to be in a situation where I'd need to do that!)

韬韬不绝 2024-09-17 08:28:29

以下是 Idera 的一个选项: http://www.idera.com/Products /免费工具/SQL-权限/
它会生成登录名和权限,并可以帮助您完成您正在尝试的事情。

Here's one option from Idera: http://www.idera.com/Products/Free-Tools/SQL-permissions/
It generates logins and permissions and may help you accomplish what you are attempting.

喵星人汪星人 2024-09-17 08:28:29

对于数据库用户角色

SELECT 'CREATE ROLE [' + name + ']' 
  FROM sys.database_principals 
  where type='R' and is_fixed_role = 0 and name != 'public'

For DB User Roles

SELECT 'CREATE ROLE [' + name + ']' 
  FROM sys.database_principals 
  where type='R' and is_fixed_role = 0 and name != 'public'
溺深海 2024-09-17 08:28:29

调整原始答案以使用新的 ALTER ROLE 语法:

SELECT 'ALTER ROLE  [' + roles.name + '] ADD MEMBER [' + users.name + '];'
from sys.database_principals users
inner join sys.database_role_members link
on link.member_principal_id = users.principal_id
inner join sys.database_principals roles
on roles.principal_id = link.role_principal_id
where users.name = 'MyUser'

这是特定于数据库的 - 在要为其提取角色的数据库中运行它

Adjusting the original answer to use the new ALTER ROLE syntax:

SELECT 'ALTER ROLE  [' + roles.name + '] ADD MEMBER [' + users.name + '];'
from sys.database_principals users
inner join sys.database_role_members link
on link.member_principal_id = users.principal_id
inner join sys.database_principals roles
on roles.principal_id = link.role_principal_id
where users.name = 'MyUser'

This is database specific - run it in the database you want to extract roles for

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文