commands

^

Test-DbaAgentJobOwner

Author Michael Fal (@Mike_Fal), mikefal.net
Availability Windows, Linux, macOS

 

Want to see the source code for this command? Check out Test-DbaAgentJobOwner on GitHub.
Want to see the Bill Of Health for this command? Check out Test-DbaAgentJobOwner.

Synopsis

Checks SQL Agent Job owners against a login to validate which jobs do not match that owner.

Description

This function checks all SQL Agent Jobs on an instance against a SQL login to validate if that login owns those SQL Agent Jobs or not. By default, the function checks against 'sa' for ownership, but the user can pass a specific login if they use something else.

Only SQL Agent Jobs that do not match this ownership will be displayed. Best practice reference: https://www.itprotoday.com/sql-server-tip-assign-ownership-jobs-sysadmin-account

Syntax

Test-DbaAgentJobOwner
    [-SqlInstance] <DbaInstanceParameter[]>
    [[-SqlCredential] <PSCredential>]
    [[-Job] <Object[]>]
    [[-ExcludeJob] <Object[]>]
    [[-Login] <String>]
    [-EnableException]
    [<CommonParameters>]

 

Examples

 

Example: 1
PS C:\> Test-DbaAgentJobOwner -SqlInstance localhost

Returns all SQL Agent Jobs where the owner does not match 'sa'.

Example: 2
PS C:\> Test-DbaAgentJobOwner -SqlInstance localhost -ExcludeJob 'syspolicy_purge_history'

Returns SQL Agent Jobs except for the syspolicy_purge_history job

Example: 3
PS C:\> Test-DbaAgentJobOwner -SqlInstance localhost -Login DOMAIN\account

Returns all SQL Agent Jobs where the owner does not match DOMAIN\account. Note
that Login must be a valid security principal that exists on the target server.

Required Parameters

-SqlInstance

The target SQL Server instance or instances.

Alias
Required True
Pipeline true (ByValue)
Default Value

Optional Parameters

-SqlCredential

Login to the target instance using alternative credentials. Accepts PowerShell credentials (Get-Credential). Windows Authentication, SQL Server Authentication, Active Directory - Password, and Active Directory - Integrated are all supported. For MFA support, please use Connect-DbaInstance.

Alias
Required False
Pipeline false
Default Value
-Job

Specifies the job(s) to process. Options for this list are auto-populated from the server. If unspecified, all jobs will be processed.

Alias Jobs
Required False
Pipeline false
Default Value
-ExcludeJob

Specifies the job(s) to exclude from processing. Options for this list are auto-populated from the server.

Alias
Required False
Pipeline false
Default Value
-Login

Specifies the login that you wish check for ownership. This defaults to 'sa' or the sysadmin name if sa was renamed. This must be a valid security principal which exists on the target server.

Alias TargetLogin
Required False
Pipeline false
Default Value
-EnableException

By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message. This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting. Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.

Alias
Required False
Pipeline false
Default Value False