commands

^

Export-DbaLogin

Author Chrissy LeMaire (@cl), netnerds.net
Availability Windows, Linux, macOS

 

Synopsis

Exports Windows and SQL Logins to a T-SQL file. Export includes login, SID, password, default database, default language, server permissions, server roles, db permissions, db roles.

Description

Exports Windows and SQL Logins to a T-SQL file. Export includes login, SID, password, default database, default language, server permissions, server roles, db permissions, db roles.

Syntax

Export-DbaLogin
    [[-SqlInstance] <DbaInstanceParameter[]>]
    [[-SqlCredential] <PSCredential>]
    [[-InputObject] <Object[]>]
    [[-Login] <Object[]>]
    [[-ExcludeLogin] <Object[]>]
    [[-Database] <Object[]>]
    [-ExcludeJobs]
    [-ExcludeDatabase]
    [-ExcludePassword]
    [[-DefaultDatabase] <String>]
    [[-Path] <String>]
    [[-FilePath] <String>]
    [[-Encoding] <String>]
    [-NoClobber]
    [-Append]
    [[-BatchSeparator] <String>]
    [[-DestinationVersion] <String>]
    [-NoPrefix]
    [-Passthru]
    [-ObjectLevel]
    [-EnableException]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

 

Examples

 

Example: 1
PS C:\> Export-DbaLogin -SqlInstance sql2005 -Path C:\temp\sql2005-logins.sql

Exports the logins for SQL Server "sql2005" and writes them to the file "C:\temp\sql2005-logins.sql"

Example: 2
PS C:\> Export-DbaLogin -SqlInstance sqlserver2014a -ExcludeLogin realcajun -SqlCredential $scred -Path C:\temp\logins.sql -Append

Authenticates to sqlserver2014a using SQL Authentication. Exports all logins except for realcajun to C:\temp\logins.sql, and appends to the file if it exists. If not, the file will be created.

Example: 3
PS C:\> Export-DbaLogin -SqlInstance sqlserver2014a -Login realcajun, netnerds -Path C:\temp\logins.sql

Exports ONLY logins netnerds and realcajun FROM sqlserver2014a to the file C:\temp\logins.sql

Example: 4
PS C:\> Export-DbaLogin -SqlInstance sqlserver2014a -Login realcajun, netnerds -Database HR, Accounting

Exports ONLY logins netnerds and realcajun FROM sqlserver2014a with the permissions on databases HR and Accounting

Example: 5
PS C:\> Get-DbaDatabase -SqlInstance sqlserver2014a -Database HR, Accounting | Export-DbaLogin

Exports ONLY logins FROM sqlserver2014a with permissions on databases HR and Accounting

Example: 6
PS C:\> Set-DbatoolsConfig -FullName formatting.batchseparator -Value $null
PS C:\> Export-DbaLogin -SqlInstance sqlserver2008 -Login realcajun, netnerds -Path C:\temp\login.sql

Exports ONLY logins netnerds and realcajun FROM sqlserver2008 server, to the C:\temp\login.sql file without the 'GO' batch separator.

Example: 7
PS C:\> Export-DbaLogin -SqlInstance sqlserver2008 -Login realcajun -Path C:\temp\users.sql -DestinationVersion SQLServer2016

Exports login realcajun from sqlserver2008 to the file C:\temp\users.sql with syntax to run on SQL Server 2016

Example: 8
PS C:\> Get-DbaDatabase -SqlInstance sqlserver2008 -Login realcajun | Export-DbaLogin

Exports login realcajun from sqlserver2008

Example: 9
PS C:\> Get-DbaLogin -SqlInstance sqlserver2008, sqlserver2012  | Where-Object { $_.IsDisabled -eq $false } | Export-DbaLogin

Exports all enabled logins from sqlserver2008 and sqlserver2008

Optional Parameters

-SqlInstance

The target SQL Server instance or instances. SQL Server 2000 and above supported.

Alias
Required False
Pipeline false
Default Value
-SqlCredential

Login to the target instance using alternative credentials. Accepts PowerShell credentials (Get-Credential). Windows Authentication, SQL Server Authentication, Active Directory - Password, and Active Directory - Integrated are all supported. For MFA support, please use Connect-DbaInstance.

Alias
Required False
Pipeline false
Default Value
-InputObject

Enables piping from Get-DbaDatabase, Get-DbaLogin and more.

Alias
Required False
Pipeline true (ByValue)
Default Value
-Login

The login(s) to process. Options for this list are auto-populated from the server. If unspecified, all logins will be processed.

Alias
Required False
Pipeline false
Default Value
-ExcludeLogin

The login(s) to exclude. Options for this list are auto-populated from the server.

Alias
Required False
Pipeline false
Default Value
-Database

The database(s) to process. Options for this list are auto-populated from the server. If unspecified, all databases will be processed.

Alias
Required False
Pipeline false
Default Value
-ExcludeJobs

If this switch is enabled, Agent job ownership will not be exported.

Alias
Required False
Pipeline false
Default Value False
-ExcludeDatabase

If this switch is enabled, mappings for databases will not be exported.

Alias ExcludeDatabases
Required False
Pipeline false
Default Value False
-ExcludePassword

If this switch is enabled, hashed passwords will not be exported.

Alias
Required False
Pipeline false
Default Value False
-DefaultDatabase

If this switch is enabled, all logins will be scripted with specified default database, that could help to successfully import logins on server that is missing default database for login.

Alias
Required False
Pipeline false
Default Value
-Path

Specifies the directory where the file or files will be exported. Will default to Path.DbatoolsExport Configuration entry

Alias
Required False
Pipeline false
Default Value (Get-DbatoolsConfigValue -FullName 'Path.DbatoolsExport')
-FilePath

Specifies the full file path of the output file. If left blank then filename based on Instance name and date is created. If more than one instance is input then this parameter should be blank.

Alias OutFile,FileName
Required False
Pipeline false
Default Value
-Encoding

Specifies the file encoding. The default is UTF8. Valid values are: -- ASCII: Uses the encoding for the ASCII (7-bit) character set. -- BigEndianUnicode: Encodes in UTF-16 format using the big-endian byte order. -- Byte: Encodes a set of characters into a sequence of bytes. -- String: Uses the encoding type for a string. -- Unicode: Encodes in UTF-16 format using the little-endian byte order. -- UTF7: Encodes in UTF-7 format. -- UTF8: Encodes in UTF-8 format. -- Unknown: The encoding type is unknown or invalid. The data can be treated as binary.

Alias
Required False
Pipeline false
Default Value UTF8
Accepted Values ASCII,BigEndianUnicode,Byte,String,Unicode,UTF7,UTF8,Unknown
-NoClobber

If this switch is enabled, a file already existing at the path specified by Path will not be overwritten.

Alias NoOverwrite
Required False
Pipeline false
Default Value False
-Append

If this switch is enabled, content will be appended to a file already existing at the path specified by Path. If the file does not exist, it will be created.

Alias
Required False
Pipeline false
Default Value False
-BatchSeparator

Batch separator for scripting output. Uses the value from configuration Formatting.BatchSeparator by default. This is normally "GO"

Alias
Required False
Pipeline false
Default Value (Get-DbatoolsConfigValue -FullName 'Formatting.BatchSeparator')
-DestinationVersion

To say to which version the script should be generated. If not specified will use instance major version.

Alias
Required False
Pipeline false
Default Value
Accepted Values SQLServer2000,SQLServer2005,SQLServer2008/2008R2,SQLServer2012,SQLServer2014,SQLServer2016,SQLServer2017,SQLServer2019
-NoPrefix

Do not include a Prefix

Alias
Required False
Pipeline false
Default Value False
-Passthru

Output script to console

Alias
Required False
Pipeline false
Default Value False
-ObjectLevel

Include object-level permissions for each user associated with copied login.

Alias
Required False
Pipeline false
Default Value False
-EnableException

By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message. This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting. Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.

Alias
Required False
Pipeline false
Default Value False
-WhatIf

If this switch is enabled, no actions are performed but informational messages will be displayed that explain what would happen if the command were to run.

Alias wi
Required False
Pipeline false
Default Value
-Confirm

If this switch is enabled, you will be prompted for confirmation before executing any operations that change state.

Alias cf
Required False
Pipeline false
Default Value

 

Want to see the source code for this command? Check out Export-DbaLogin on GitHub.
Want to see the Bill Of Health for this command? Check out Export-DbaLogin.