I am trying to write a script that generates a user audit of users who actually can and can't access a database. When it comes to groups I'm using xp_logininfo to get the members of the group. I have noticed that you can have a group configured under Database\Users but that group doesn't have to be configured in Security\Logins. As long as the individual member inside the group is configured with a login for their username they can access the database through the group. However, in these cases, xp_logininfo doesn't return any results when attempting to determine the members of the group. Is there any way to resolve this? I've seen other examples of scripts that actually link the Active Directory server but this will not be an option as our customer base is widespread and diverse.
↧