1 select SYSTEM_USER 2 select USER_NAME(0),USER_NAME(1),USER_NAME(2),USER_NAME(3),USER_NAME(100) 3 4 --权限相关基本表 5 select * from sys.server_principals 6 select * from sys.database_principals 7 select * from syslogins 8 select * from sysusers 9 select * from syspermissions 10 11 select b.name as tName,c.name as objname, 12 CASE b.type 13 WHEN 'U' THEN 'Table' 14 WHEN 'P' THEN 'SP' 15 ELSE 'OTHER' 16 END AS TYPE, 17 CASE WHEN a.ACTION = 26 AND a.PROTECTTYPE = 205 THEN '√' ELSE '' END AS 'REFERENCES', 18 CASE WHEN a.ACTION = 193 AND a.PROTECTTYPE = 205 THEN '√' ELSE '' END AS 'SELECT', 19 CASE WHEN a.ACTION = 195 AND a.PROTECTTYPE = 205 THEN '√' ELSE '' END AS 'INSERT', 20 CASE WHEN a.ACTION = 197 AND a.PROTECTTYPE = 205 THEN '√' ELSE '' END AS 'UPDATE', 21 CASE WHEN a.ACTION = 196 AND a.PROTECTTYPE = 205 THEN '√' ELSE '' END AS 'DELETE', 22 CASE WHEN a.ACTION = 224 AND a.PROTECTTYPE = 205 THEN '√' ELSE '' END AS 'EXECUTE', 23 CASE a.PROTECTTYPE 24 WHEN 204 THEN 'GRANT_W_GRANT ' 25 WHEN 205 THEN 'GRANT' 26 WHEN 206 THEN 'DENY' 27 ELSE 'OTHER' --当有other出现的时候,需要将其他的PROTECTTYPE添加进去。 28 END AS PROTECTTYPE 29 from sysprotects a inner join sysobjects b on a.id = b.id 30 inner join sysusers c on a.uid = c.uid 31 order by tname 32 33 select 34 'GRANT '+ CASE a.ACTION 35 WHEN 26 THEN 'REFERENCES' 36 WHEN 193 THEN 'SELECT' 37 WHEN 195 THEN 'INSERT' 38 WHEN 196 THEN 'DELETE' 39 WHEN 197 THEN 'UPDATE' 40 WHEN 224 THEN 'EXECUTE' 41 ELSE 'OTHER' --当有other出现的时候,需要将其他的ACTION类型添加进去。 42 END +' ON '+ b.name +' TO '+ c.name 43 from sysprotects a(nolock) inner join sysobjects b(nolock) on a.id = b.id 44 inner join sysusers c (nolock)on a.uid = c.uid 45 WHERE A.UID > 0 46 47 select a.uid as uid,a.status as uStatus,a.name as uName, 48 b.uid as rId,b.status as rStatus,b.name as rName 49 from sysusers a left join sysmembers m on m.memberuid = a.uid 50 left join sysusers b on b.gid = m.groupuid 51 where a.issqluser =1 52 --a.islogin =1 53 --b.issqlrole 54 55 SELECT DP.name as[user_name],SP.name as [logion_name] 56 FROM sys.database_principals DP ,sys.server_principals SP 57 WHERE SP.sid = DP.sid 58 59 select DbRole = g.name, MemberName = u.name, MemberSID = u.sid 60 from sys.database_principals u, sys.database_principals g, sys.database_role_members m 61 where g.principal_id = m.role_principal_id 62 and u.principal_id = m.member_principal_id 63 order by 1, 2
1 use master 2 go 3 4 select SrvRole = g.name, MemberName = u.name, MemberSID = u.sid 5 from sys.server_principals u, sys.server_principals g, sys.server_role_members m 6 where g.principal_id = m.role_principal_id 7 and u.principal_id = m.member_principal_id 8 order by 1, 2 9 go
1 WITH CTE AS 2 ( 3 SELECT u.name AS 用户名, 4 u.is_disabled AS 是否禁用, 5 g.name as 服务器角色, 6 '√' as 'flag' 7 FROM sys.server_principals u 8 INNER JOIN sys.server_role_members m ON u.principal_id = m.member_principal_id 9 INNER JOIN sys.server_principals g ON g.principal_id = m.role_principal_id 10 ) 11 SELECT * FROM CTE PIVOT(MAX(flag) FOR 服务器角色 IN ([public], 12 [sysadmin], 13 [securityadmin], 14 [serveradmin], 15 [setupadmin], 16 [processadmin], 17 [diskadmin], 18 [dbcreator], 19 [bulkadmin])) AS T 20 go
1 WITH CTE AS 2 ( 3 SELECT u.name AS 用户名, 4 g.name AS 数据库角色, 5 '√' as 'flag' 6 FROM sys.database_principals u 7 INNER JOIN sys.database_role_members m ON u.principal_id = m.member_principal_id 8 INNER JOIN sys.database_principals g ON g.principal_id = m.role_principal_id 9 ) 10 SELECT * FROM CTE PIVOT(MAX(flag) FOR 数据库角色 IN ([public], 11 [db_owner], 12 [db_accessadmin], 13 [db_securityadmin], 14 [db_ddladmin], 15 [db_backupoperator], 16 [db_datareader], 17 [db_datawriter], 18 [db_denydatareader], 19 [db_denydatawriter])) AS T 20 go
1 select c.name as 用户名,b.name as 对象名, 2 CASE b.type 3 WHEN 'U' THEN '表' 4 WHEN 'V' THEN '视图' 5 WHEN 'FN' THEN '标量函数' 6 WHEN 'AF' THEN '聚合函数' 7 WHEN 'IF' THEN '内联表值函数' 8 WHEN 'TF' THEN '表值函数' 9 WHEN 'P' THEN '存储过程' 10 WHEN 'X' THEN '扩展存储过程' 11 ELSE b.type 12 END AS 对象类型, 13 CASE WHEN a.ACTION = 26 AND a.PROTECTTYPE = 205 THEN '√' ELSE '' END AS 'REFERENCES', 14 CASE WHEN a.ACTION = 193 AND a.PROTECTTYPE = 205 THEN '√' ELSE '' END AS 'SELECT', 15 CASE WHEN a.ACTION = 195 AND a.PROTECTTYPE = 205 THEN '√' ELSE '' END AS 'INSERT', 16 CASE WHEN a.ACTION = 197 AND a.PROTECTTYPE = 205 THEN '√' ELSE '' END AS 'UPDATE', 17 CASE WHEN a.ACTION = 196 AND a.PROTECTTYPE = 205 THEN '√' ELSE '' END AS 'DELETE', 18 CASE WHEN a.ACTION = 224 AND a.PROTECTTYPE = 205 THEN '√' ELSE '' END AS 'EXECUTE', 19 CASE a.PROTECTTYPE 20 WHEN 204 THEN 'GRANT_W_GRANT' 21 WHEN 205 THEN 'GRANT' 22 WHEN 206 THEN 'DENY' 23 ELSE 'OTHER' 24 END AS PROTECTTYPE 25 from sysprotects a inner join sysobjects b on a.id = b.id 26 inner join sysusers c on a.uid = c.uid 27 go
--SQL Server中查询用户的对象权限`和角色的方法 -- 查询用户的object权限 exec sp_helprotect NULL, 'public' go exec sp_helprotect @username = 'public' go -- 查询用户拥有的role exec sp_helpuser 'public' -- 查询哪些用户拥有指定的系统role exec sp_helpsrvrolemember 'sysadmin' go
1 WITH tree_roles as 2 ( 3 SELECT role_principal_id, member_principal_id 4 FROM sys.database_role_members 5 WHERE member_principal_id = USER_ID('UserName') 6 UNION ALL 7 SELECT c.role_principal_id,c.member_principal_id 8 FROM sys.database_role_members as c 9 inner join tree_roles 10 on tree_roles.member_principal_id = c.role_principal_id 11 ) 12 SELECT distinct USER_NAME(role_principal_id) RoleName 13 FROM tree_roles
1 SELECT 2 name as UserName, type_desc as UserType, is_disabled as IsDisabled 3 FROM sys.server_principals 4 where type_desc in('WINDOWS_LOGIN', 'SQL_LOGIN') 5 order by UserType, name, IsDisabled
1 SELECT 2 dp.name as UserName, dp.type_desc as UserType, sp.name as LoginName, sp.type_desc as LoginType 3 FROM sys.database_principals dp 4 JOIN sys.server_principals sp ON dp.principal_id = sp.principal_id 5 order by UserType
1 select 2 p.name as UserName, p.type_desc as UserType, pp.name as ServerRoleName, pp.type_desc as ServerRoleType 3 from sys.server_role_members roles 4 join sys.server_principals p on roles.member_principal_id = p.principal_id 5 join sys.server_principals pp on roles.role_principal_id = pp.principal_id 6 order by ServerRoleName, UserName
1 SELECT 2 p.name as UserName, p.type_desc as UserType, pp.name as DBRoleName, pp.type_desc as DBRoleType, pp.is_fixed_role as IfFixedRole 3 FROM sys.database_role_members roles 4 JOIN sys.database_principals p ON roles.member_principal_id = p.principal_id 5 JOIN sys.database_principals pp ON roles.role_principal_id = pp.principal_id
1 SELECT 2 grantor.name as GrantorName, dp.state_desc as StateDesc, dp.class_desc as ClassDesc, dp.permission_name as PermissionName, 3 OBJECT_NAME(major_id) as ObjectName, GranteeName = grantee.name 4 FROM sys.database_permissions dp 5 JOIN sys.database_principals grantee on dp.grantee_principal_id = grantee.principal_id 6 JOIN sys.database_principals grantor on dp.grantor_principal_id = grantor.principal_id