How to Find SQL Logins with NO Database Mappings

May 15, 2018

SQL Server is one of the most common attack surphases for would-be hackers, so it’s important to maintain a good security practices over the logins which have access into your environment.

The following script checks your SQL Server for any accounts which do NOT have any databases mapped to them. While this isn’t a conclusive indicator that the login is no longer in use, it does provide a good starting point for further investigation into whether these accounts are in fact still required or not.

USE MASTER; 
CREATE TABLE #dbusers ( 
sid VARBINARY(85)) 
EXEC sp_MSforeachdb 
'insert #dbusers select sid from [?].sys.database_principals where type != ''R''' 
SELECT name 
FROM   sys.server_principals 
WHERE  sid IN (SELECT sid 
FROM   sys.server_principals 
WHERE  TYPE != 'R' 
AND name NOT LIKE ('##%##') 
EXCEPT 
SELECT DISTINCT sid 
FROM   #dbusers) 
GO 
DROP TABLE #dbusers

SHARE THIS POST:

Search

SQL Server Performance Best Practices for Developers

How to Find SQL Logins with NO Database Mappings

SHARE THIS POST:

Search

Recent Posts

SQL Server Performance Best Practices for Developers

May 1, 2023

SQL Server 2022: Unlocking the Power of AI and Machine Learning for Data Management and Analysis

Jan 28, 2023

Update all DB growth parameters to defined increments

May 27, 2021

Microsoft’s Postponement of Patches: Investigating Incorrect Results Bugs in SQL Server 2019 and 2016

Feb 12, 2021

Critical Security Issue in Extended Events Fixed in Latest SQL Server Updates

Jan 13, 2021

The Uncertainty Continues: Microsoft Releases SQL Server 2019 CU8 Amidst Ongoing Issues with Update Documentation

Oct 2, 2020

Company

Services

Get In Touch

Connect

© 2023 DBA Services All Rights Reserved. | Built by Stacked Site.

Privacy Policy | Terms & Conditions | Sitemap