Sql-Server
如何編寫伺服器端權限腳本 - 特別是在 SYS.XP_PROP_OLEDB_PROVIDER 上執行?
我無法編寫以下伺服器端權限的腳本:
GRANT VIEW DEFINITION ON LOGIN::[site_helpdesk] TO [Radhe]但由於下面的問題,我找到了解決方案:
現在我有一個類似的問題:
我有一個程序授予以下伺服器端登錄權限:
GRANT EXECUTE ON SYS.XP_PROP_OLEDB_PROVIDER TO [my_company\my_login]這工作正常,但是,我需要編寫所有權限的腳本,
my_company\my_login但我找不到編寫此權限的腳本的方法。我怎樣才能做到這一點?
與保存有關伺服器級別訪問/權限的資訊不同
sys.server_principals,sys.database_permissions類似於sys.database_principals' andsys.database_permission` 的資訊保存有關數據庫級別訪問/權限的資訊。將這兩個對象與
UNIONofsys.objects和連接起來sys.sysobjects將為您提供有關使用者定義和系統對象的所需資訊,這些資訊可以轉換為腳本。注意:要生成對象級別權限的腳本,我們需要在各自的數據庫中執行腳本。Like
sys.xp_prop_oledb_provide是 master 數據庫的一個對象,所以我們將SELECT在 master 數據庫中執行語句。例子:-
CREATE LOGIN Radhe WITH PASSWORD='HareKrishna001!', DEFAULT_DATABASE=master; GO CREATE USER Radhe FOR LOGIN Radhe; GO GRANT EXECUTE ON SYS.XP_PROP_OLEDB_PROVIDER TO [Radhe]; GO USE master; GO select case when DBPerm.state_desc='GRANT_WITH_GRANT_OPTION' then 'GRANT' else DBPerm.state_desc end COLLATE SQL_Latin1_General_CP1_CI_AS+ ' '+DBPerm.permission_name COLLATE SQL_Latin1_General_CP1_CI_AS+' ON '+o.objectschema+'.'+o.name+' TO ['+DBPrin.name+']'+ case when DBPerm.state_desc='GRANT_WITH_GRANT_OPTION' then 'WITH GRANT OPTION;' else ';' end COLLATE SQL_Latin1_General_CP1_CI_AS AS [Script] from sys.database_permissions DBPerm inner join ( select name,object_id,schema_name(schema_id) objectschema from sys.objects union all select name,id,'sys' as objectschema from sys.sysobjects ) o on DBPerm.major_id=o.object_id inner join sys.database_principals DBPrin on DBPerm.grantee_principal_id=DBPrin.principal_id where DBPrin.name NOT LIKE '##%##' AND DBPrin.name NOT LIKE 'NT AUTHORITY%' AND DBPrin.name NOT LIKE 'NT SERVICE%' AND DBPrin.name not in ('sa','public');結果:
Script ------------------------------------------------------------- GRANT EXECUTE ON sys.xp_prop_oledb_provider TO [Radhe]克利須那教派(印度教!