Menu
I have a database with a lot of users in it. Those users belong to different built-in roles in the DB (eg db_ddladmin).
I want to generate a script that creates those same users with the same role assignments to use in a different database. SQL Management Studio seems to only generate sp_addrolemember calls for user-defined roles, not the build-in ones. Is there any way to make it script all roles?
Perhaps there is any other, better tool for generating database scripts from an existing database (preferably, but not necessarily, free)?
807
Only use sp_addrolemember to add a member to a database role. To add a member to a server role, use sp_addsrvrolemember (Transact-SQL).
In the SQL Server Management Studio, expand Databases, and then locate the database that you want to script. Right-click the database, point to Script Database As, then point to CREATE To, and then select File. Enter a file name, and then select Save. The core database container will be scripted.
Right-click Roles, click New, and then click New Database Role. In the Database Role dialog box (see Figure 12-5), enter the name of the new role. Click Add to add members to the new role. Choose the members (users and/or other roles) of the new role and click OK.
Information about a database's users and the roles they are assigned to are made available in system views sys.database_principals and sys.database_role_members. Review this data with these queries:
select * from sys.database_principals
select * from sys.database_role_members
I'll assume you have database users and roles configured in database A, and you want them copied over to database B. To create the users in the target database:
.
SELECT 'CREATE USER [' + name + '] for login [' + name + ']'
from sys.database_principals
where Type = 'U'
and name <> 'dbo'
To configure the new users in B with the same roles as they have in A:
.
SELECT 'EXECUTE sp_addrolemember ''' + roles.name + ''', ''' + users.name + ''''
from sys.database_principals users
inner join sys.database_role_members link
on link.member_principal_id = users.principal_id
inner join sys.database_principals roles
on roles.principal_id = link.role_principal_id
Always review these scripts. There may be exceptions or special cases going on, and you just don't want to mess up security.
If the new database is on a different SQL Server instance, you will have to create the SQL logins first. If you have user-defined roles, you will need to recreate them first. (Roles and the permissions assigned to them are very open-ended, and I don't ever want to be in a situation where I'd need to do that!)
72
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
