| Author | Claudio Silva (@ClaudioESSilva) , Simone Bizzotto (@niphlod) |
| Availability | Windows, Linux, macOS |
Want to see the source code for this command? Check out Repair-DbaDbOrphanUser on GitHub.
Want to see the Bill Of Health for this command? Check out Repair-DbaDbOrphanUser.
Finds orphan users with existing login and remaps them.
An orphan user is defined by a user that does not have a matching login (Login property = "").
If the matching login exists it must be:
Enabled
Not a system object
Not locked
Have the same name that user
You can drop users that does not have their matching login by specifying the parameter -RemoveNotExisting.
Repair-DbaDbOrphanUser
[-SqlInstance] <DbaInstanceParameter[]>
[[-SqlCredential] <PSCredential>]
[[-Database] <Object[]>]
[[-ExcludeDatabase] <Object[]>]
[[-Users] <Object[]>]
[-RemoveNotExisting]
[-Force]
[-EnableException]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
PS C:\> Repair-DbaDbOrphanUser -SqlInstance sql2005
Finds and repairs all orphan users of all databases present on server 'sql2005'
PS C:\> Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -SqlCredential $cred
Finds and repair all orphan users in all databases present on server 'sqlserver2014a'. SQL credentials are used to authenticate to the server.
PS C:\> Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -Database db1, db2
Finds and repairs all orphan users in both db1 and db2 databases.
PS C:\> Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -Database db1 -Users OrphanUser
Finds and repairs user 'OrphanUser' in 'db1' database.
PS C:\> Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -Users OrphanUser
Finds and repairs user 'OrphanUser' on all databases
PS C:\> Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -RemoveNotExisting
Finds all orphan users of all databases present on server 'sqlserver2014a'. Removes all users that do not have matching Logins.
The target SQL Server instance or instances.
| Alias | |
| Required | True |
| Pipeline | true (ByValue) |
| Default Value |
Login to the target instance using alternative credentials. Accepts PowerShell credentials (Get-Credential).
Windows Authentication, SQL Server Authentication, Active Directory - Password, and Active Directory - Integrated are all supported.
For MFA support, please use Connect-DbaInstance.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value |
Specifies the database(s) to process. Options for this list are auto-populated from the server. If unspecified, all databases will be processed.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value |
Specifies the database(s) to exclude from processing. Options for this list are auto-populated from the server
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value |
Specifies the list of usernames to repair.
| Alias | |
| Required | False |
| Pipeline | true (ByValue) |
| Default Value |
If this switch is enabled, all users that do not have a matching login will be dropped from the database.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value | False |
Forces alter schema to dbo owner so users can be dropped.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value | False |
By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message.
This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting.
Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value | False |
If this switch is enabled, no actions are performed but informational messages will be displayed that explain what would happen if the command were to run.
| Alias | wi |
| Required | False |
| Pipeline | false |
| Default Value |
If this switch is enabled, you will be prompted for confirmation before executing any operations that change state.
| Alias | cf |
| Required | False |
| Pipeline | false |
| Default Value |