Collecting user information for Windows NT Users

Question

Collecting user information for Windows NT Users

Jeremy Brown

SSCarpal Tunnel

Points: 4223
More actions
October 22, 2002 at 7:52 am

#158924

I have a table with windows NT usernames. I would like to retrieve information on each of these usernames such as the full name and the Windows NT global groups they are members of.
I have poked around in BOL and here looking for the answer.
Any ideas?

Viewing 8 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic. Login to reply

K. Brian Kelley SSC Guru Points: 114642 More actions · Answer 1

I have several Perl scripts that run to retrieve this information once a night. I then store it in SQL. One of the things it lets me see is what user accounts, what groups, and what memberships have been dropped and created. I can then provide an audit report for this.

K. Brian Kelley

http://www.truthsolutions.com/

Author: Start to Finish Guide to SQL Server Performance Monitoring

http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1

K. Brian Kelley
@kbriankelley

Steve Jones - SSC Editor SSC Guru Points: 736150 More actions · Answer 2

Need some type of NT/AD scripting to get this info. Not directly in SQL. Could use SP_OACreateObject to instantiate one of the group objects and query it. Not pretty.

Maybe Brian will get generous and post some Perl

Steve Jones

sjones@sqlservercentral.com

http://www.sqlservercentral.com/columnists/sjones

K. Brian Kelley SSC Guru Points: 114642 More actions · Answer 3

Yeah, I do need to do that. Though I'll use the ADO objects since that's easier for most who've done Windows development than say DBI.

K. Brian Kelley

http://www.truthsolutions.com/

Author: Start to Finish Guide to SQL Server Performance Monitoring

http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1

K. Brian Kelley
@kbriankelley

Jeremy Brown SSCarpal Tunnel Points: 4223 More actions · Answer 4

Yes, I think Brian being the uber-friendly guy he is will be posting his perl scripts shortly. If not, I know where he works.

I thought I would have to create and destroy an external COM object to grab it. And yes it looks very ugly.

I'm surprised Microsoft hasn't included this in SQL Server. This would be a really cool tool for a sysadmin to monitor group membership changes and auditing. It can also be used to restrict rows of data combined with the IS_MEMBER function (which is what I'm trying to do).

K. Brian Kelley SSC Guru Points: 114642 More actions · Answer 5

It can be done using ADSI or some of the API calls (in which case, you're probably out of scripting for the latter). As I told Void, since he fancies himself a VC++ programmer, he always has the option of creating the functionality as an extended stored procedure.

K. Brian Kelley

http://www.truthsolutions.com/

Author: Start to Finish Guide to SQL Server Performance Monitoring

http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1

K. Brian Kelley
@kbriankelley

Jeremy Brown SSCarpal Tunnel Points: 4223 More actions · Answer 6

funny you mention that. I just found a little program in MSDN written in C++ that does just exactly what I want...

Now if I could only convince the powers that be to get me a nice MSDN subscription...

Andy Warren SSC Guru Points: 119902 More actions · Answer 7

I think there is also an AD provider you can use with openrowset.

Andy

http://www.sqlservercentral.com/columnists/awarren/

Andy
SQLAndy - My Blog!
Connect with me on LinkedIn
Follow me on Twitter