commands

^

Set-DbaPrivilege

Author Klaas Vandenberghe ( @PowerDBAKlaas )
Availability Windows only

 

Synopsis

Adds the SQL Service account to local privileges on one or more computers.

Description

Adds the SQL Service account to local privileges 'Lock Pages in Memory', 'Instant File Initialization', 'Logon as Batch' on one or more computers.

Requires Local Admin rights on destination computer(s).

Syntax

Set-DbaPrivilege
    [[-ComputerName] <DbaInstanceParameter[]>]
    [[-Credential] <PSCredential>]
    [-Type] <String[]>
    [-EnableException]
    [[-User] <String>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

 

Examples

 

Example: 1
PS C:\> Set-DbaPrivilege -ComputerName sqlserver2014a -Type LPIM,IFI

Adds the SQL Service account(s) on computer sqlserver2014a to the local privileges 'SeManageVolumePrivilege' and 'SeLockMemoryPrivilege'.

Example: 2
PS C:\> 'sql1','sql2','sql3' | Set-DbaPrivilege -Type IFI

Adds the SQL Service account(s) on computers sql1, sql2 and sql3 to the local privilege 'SeManageVolumePrivilege'.

Required Parameters

-Type

Use this to choose the privilege(s) to which you want to add the SQL Service account. Accepts 'IFI', 'LPIM', 'BatchLogon', and/or 'SecAudit' for local privileges 'Instant File Initialization', 'Lock Pages in Memory', 'Logon as Batch', and 'Generate Security Audits'.

Alias
Required True
Pipeline false
Default Value
Accepted Values IFI,LPIM,BatchLogon,SecAudit

Optional Parameters

-ComputerName

The target SQL Server instance or instances.

Alias cn,host,Server
Required False
Pipeline true (ByValue)
Default Value $env:COMPUTERNAME
-Credential

Credential object used to connect to the computer as a different user.

Alias
Required False
Pipeline false
Default Value
-EnableException

By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message. This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting. Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.

Alias
Required False
Pipeline false
Default Value False
-User

If provided, will add requested permissions to this account instead of the the account under which the SQL service is running.

Alias
Required False
Pipeline false
Default Value
-WhatIf

If this switch is enabled, no actions are performed but informational messages will be displayed that explain what would happen if the command were to run.

Alias wi
Required False
Pipeline false
Default Value
-Confirm

If this switch is enabled, you will be prompted for confirmation before executing any operations that change state.

Alias cf
Required False
Pipeline false
Default Value

 

Want to see the source code for this command? Check out Set-DbaPrivilege on GitHub.
Want to see the Bill Of Health for this command? Check out Set-DbaPrivilege.