Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion Groups
DB Engine
SQL ServerMSDESQL Server CE
Services
Analysis (Data Mining)Analysis (OLAP)DTSIntegration ServicesNotification ServicesReporting Services
Programming
CLRConnectivitySQLXML
Other Technologies
ClusteringEnglish QueryFull-Text SearchReplicationService Broker
General
Data WarehousingPerformanceSecuritySetupSQL Server ToolsOther SQL Server Topics
DirectoryUser Groups
Related Topics
MS AccessOther DB ProductsMS Server Products.NET DevelopmentVB DevelopmentJava DevelopmentMore Topics ...
SQL Server Forum / General / Security / May 2006

Tip: Looking for answers? Try searching our database.

How to determine if a Windows Auth ID is no longer valid in SQL?

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Stephanie - 19 May 2006 18:34 GMT
How can we proactively find out when a Windows Authentication ID in SQL
Server is no longer valid, i.e. an employee is no longer with the company so
we should delete their related Windows Authentication user IDs from our SQL
Server databases?
Reply to this Message
MeanOldDBA - 21 May 2006 03:29 GMT
Don't you have an employee table that lists the AD login and whether the
employee is active or not?  Some companies store this data directly in AD.  
You need to find out where the information is stored though, before we can
tell you how to fix your issue.

Another question...are they disabling the AD account?  If you were using AD
groups, instead of individual logins, you would no longer have to worry about
an individuals access.  It's also easier to manage and delegate management
responsibility to the business and HR.

Signature

MeanOldDBA
derrickleggett@hotmail.com
http://weblogs.sqlteam.com/derrickl

When life gives you a lemon, fire the DBA.

> How can we proactively find out when a Windows Authentication ID in SQL
> Server is no longer valid, i.e. an employee is no longer with the company so
> we should delete their related Windows Authentication user IDs from our SQL
> Server databases?
Reply to this Message
Randy - 22 May 2006 15:41 GMT
I found the sp_ValidateLogins very helpful.  
To quote the BOL - "Reports information about orphaned Microsoft® Windows
NT® users and groups that no longer exist in the Windows NT environment but
still have entries in the Microsoft SQL Server™ system tables."

Randy

> How can we proactively find out when a Windows Authentication ID in SQL
> Server is no longer valid, i.e. an employee is no longer with the company so
> we should delete their related Windows Authentication user IDs from our SQL
> Server databases?
Reply to this Message
Stephanie - 22 May 2006 17:18 GMT
Thanks, I'm going to give that a try.  It looks like it is exactly what I need.

Stephanie

> I found the sp_ValidateLogins very helpful.  
> To quote the BOL - "Reports information about orphaned Microsoft® Windows
[quoted text clipped - 7 lines]
> > we should delete their related Windows Authentication user IDs from our SQL
> > Server databases?
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2009 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.