Add-DbaDbRoleMember View Source Ben Miller (@DBAduck) Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Adds database users or roles as members to database roles across SQL Server instances
Description Manages database security by adding users or roles as members to database roles, automating what would otherwise require manual T-SQL commands or SQL Server Management Studio clicks. This function handles membership validation to ensure the user or role exists in the database before attempting to add them, and checks existing membership to prevent duplicate assignments.
Export-DbaUser View Source Claudio Silva (@ClaudioESSilva) Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Generates T-SQL scripts to recreate database users with their complete security context including roles and permissions
Description Creates comprehensive T-SQL scripts that fully recreate database users along with their security assignments and permissions. The generated scripts include user creation statements, role memberships, database-level permissions (like CONNECT, SELECT, INSERT), and granular object-level permissions for tables, views, stored procedures, functions, and other database objects.
Get-DbaDbOrphanUser View Source Claudio Silva (@ClaudioESSilva) , Garry Bargsley (@gbargsley) , Simone Bizzotto (@niphlod) Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Get orphaned users.
Description An orphan user is defined by a user that does not have their matching login. (Login property = “”).
Syntax Get-DbaDbOrphanUser [-SqlInstance] <DbaInstanceParameter[]> [[-SqlCredential] <PSCredential>] [[-Database] <Object[]>] [[-ExcludeDatabase] <Object[]>] [-EnableException] [<CommonParameters>] Examples Example: 1 PS C:\> Get-DbaDbOrphanUser -SqlInstance localhost\sql2016 Finds all orphan users without matching Logins in all databases present on server ’localhost\sql2016’.
Get-DbaDbRole View Source Ben Miller (@DBAduck) Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Retrieves database roles from SQL Server instances for security auditing and permission analysis.
Description Retrieves all database roles (both fixed and custom) from one or more SQL Server databases, returning detailed role information for security audits and compliance reporting. This function examines the roles collection in each accessible database, allowing you to identify custom roles, exclude built-in fixed roles, or focus on specific roles by name.
Get-DbaDbRoleMember View Source Klaas Vandenberghe (@PowerDBAKlaas) Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Retrieves all users and nested roles that are members of database roles across SQL Server instances
Description This function enumerates the membership of database roles, showing which users and nested roles belong to each role. Essential for security audits, permission troubleshooting, and compliance reporting, it reveals the complete role hierarchy within your databases.
Get-DbaDbUser View Source Klaas Vandenberghe (@PowerDbaKlaas) Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Retrieves database user accounts and their associated login mappings from SQL Server databases
Description Retrieves all database user accounts from one or more databases, showing their associated server logins, authentication types, and access states. This function is essential for security audits, user access reviews, and compliance reporting where you need to see who has database-level access and how their accounts are configured.
Get-DbaUserPermission View Source Brandon Abshire, netnerds.net , Josh Smith Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Audits comprehensive security permissions across SQL Server instances using DISA STIG methodology
Description Performs a comprehensive security audit by analyzing all server logins, server-level permissions, database users, database roles, and object-level permissions across SQL Server instances. Creates temporary STIG (Security Technical Implementation Guide) objects in tempdb to gather detailed permission information for both direct and inherited access rights.
New-DbaDbRole View Source Claudio Silva (@ClaudioESSilva), claudioessilva.eu Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Creates new database roles in one or more SQL Server databases.
Description Creates custom database roles for implementing role-based security in SQL Server databases. This function handles the creation of user-defined database roles that can later be granted specific permissions and have users or other roles assigned to them.
Frank Henninger (@osiris687) | Andreas Jordan (@JordanOrdix), ordix.de
New-DbaDbUser View Source Frank Henninger (@osiris687) , Andreas Jordan (@JordanOrdix), ordix.de Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Creates database users with support for SQL logins, contained users, and Azure AD authentication.
Description Creates database users across one or more databases, supporting multiple authentication types including traditional SQL login mapping, contained users with passwords, and Azure Active Directory external provider authentication.
Remove-DbaDbOrphanUser View Source Claudio Silva (@ClaudioESSilva) , Simone Bizzotto (@niphlod) Windows, Linux, macOS On this page: Synopsis · Description · Syntax · Examples · Parameters · Outputs Synopsis Removes orphaned database users that no longer have corresponding SQL Server logins
Description Removes orphaned database users from one or more databases, handling schema ownership transfers automatically to prevent dependency issues.
Orphaned users occur when a database user exists but its corresponding login in the master database has been deleted or doesn’t exist on the current server.
dbatools