1. 首頁
  2. 問答
  3. 如何列出角色的成員在SQL Server 2008 R2

如何列出角色的成員在SQL Server 2008 R2

2014-01-07 76 views
10

我使用下面的T-SQL從我的SQL Server獲得角色的成員2008 R2數據庫:如何列出角色的成員在SQL Server 2008 R2

select rp.name as database_role, mp.name as database_user 
from sys.database_role_members drm 
    join sys.database_principals rp on (drm.role_principal_id = rp.principal_id) 
    join sys.database_principals mp on (drm.member_principal_id = mp.principal_id) 
order by rp.name

當我檢查輸出我注意到只列出db_datareader角色成員是數據庫角色 - 查詢中未列出db_datareader的用戶成員。

這是爲什麼?我怎樣才能列出我的數據庫角色的用戶成員?

我想我也應該問一下sys.database_role_members表是否實際上包含了一個角色的所有成員?

來源

2014-01-07 endurium

+0

http://stackoverflow.com/questions/20956109/each-user-and-their-role-in-every-database-on-the-server/20956125# 20956125 – Mihai

+1

@Mhaihai - 您提供的鏈接中發佈的代碼與發佈在我的問題中的代碼相同,只是它針對服務器上的每個數據庫都執行此操作,並且不回答我的問題。 – endurium

回答

14

我已經制定了這是怎麼回事。

當我查詢角色成員時,我將輸出與SSMS在角色屬性對話框中列爲角色成員的輸出進行比較 - 包括用戶和角色,但用戶沒有按列出的查詢列出在我的問題。事實證明,當列出角色成員時,SSMS擴展角色的成員以顯示這些角色的成員。

下面的查詢複製在SSMS列出角色成員的方式:

WITH RoleMembers (member_principal_id, role_principal_id) 
AS 
(
    SELECT 
    rm1.member_principal_id, 
    rm1.role_principal_id 
    FROM sys.database_role_members rm1 (NOLOCK) 
    UNION ALL 
    SELECT 
    d.member_principal_id, 
    rm.role_principal_id 
    FROM sys.database_role_members rm (NOLOCK) 
    INNER JOIN RoleMembers AS d 
    ON rm.member_principal_id = d.role_principal_id 
) 
select distinct rp.name as database_role, mp.name as database_userl 
from RoleMembers drm 
    join sys.database_principals rp on (drm.role_principal_id = rp.principal_id) 
    join sys.database_principals mp on (drm.member_principal_id = mp.principal_id) 
order by rp.name

上面的查詢使用遞歸CTE擴張作用到它的用戶的成員。

來源

2014-01-14 09:22:03 endurium

3

試試這個

;with ServerPermsAndRoles as 
(
    select 
     spr.name as principal_name, 
     spr.type_desc as principal_type, 
     spm.permission_name collate SQL_Latin1_General_CP1_CI_AS as security_entity, 
     'permission' as security_type, 
     spm.state_desc 
    from sys.server_principals spr 
    inner join sys.server_permissions spm 
    on spr.principal_id = spm.grantee_principal_id 
    where spr.type in ('s', 'u') 

    union all 

    select 
     sp.name as principal_name, 
     sp.type_desc as principal_type, 
     spr.name as security_entity, 
     'role membership' as security_type, 
     null as state_desc 
    from sys.server_principals sp 
    inner join sys.server_role_members srm 
    on sp.principal_id = srm.member_principal_id 
    inner join sys.server_principals spr 
    on srm.role_principal_id = spr.principal_id 
    where sp.type in ('s', 'u') 
) 
select * 
from ServerPermsAndRoles 
order by principal_name

(OR)

SELECT p.name, o.name, d.* 
FROM sys.database_principals AS p 
JOIN sys.database_permissions AS d ON d.grantee_principal_id = p.principal_id 
JOIN sys.objects AS o ON o.object_id = d.major_id

來源

2014-01-07 15:43:35

6

這裏是另一種方式

SELECT dp.name , us.name 
FROM sys.sysusers us right 
JOIN sys.database_role_members rm ON us.uid = rm.member_principal_id 
JOIN sys.database_principals dp ON rm.role_principal_id = dp.principal_id

來源

2016-05-26 22:03:21 bigRon97

相關問題

 相關問題