October 29, 2009 at 4:20 pm
Hi guys, I'm guessing this won't be possible, but figured I'd check if it was.
Let's say that some users are assigned to a User Group using Active Directory (in addition to having their own Active Directory Accounts) where all appear in SQL Server Management Studio 2005's Security - Logins.
Is there any way to see which users are mapped to that Group Account in SSMS? I take the blame if an end-user can't run a Stored Procedure etc when something goes live, but I can't see myself if they have the Execute Permission without mapping a Login to their inividual Windows account.
As you can imagine, I'm Sysadmin on SSMS, but don't know much about and don't believe I can access Active Directory myself, which is managed by a different group.
October 30, 2009 at 8:13 am
There is not a way that I am aware of. You could do it in the CLR, but I don' think you could have the CLR procedure be Trusted. You can also do it with PowerShell.
I think everyone has read rights into AD.
Jack Corbett
Consultant - Straight Path Solutions
Check out these links on how to get faster and more accurate answers:
Forum Etiquette: How to post data/code on a forum to get the best help
Need an Answer? Actually, No ... You Need a Question
November 1, 2009 at 8:56 pm
You're right, I can Read into the AD. I've stumbled across some useful VB.Net code for viewing some ActiveDirectory info, so I'll probably look to do this in Visual Studio 2005. Thanks Jack!
November 2, 2009 at 7:50 am
This may or may not work, but there are scripts out there to create a linked server to AD and then query AD as if it were SQL.
They work, but coming up with the proper syntax is very time consuming and tedious.
http://forums.asp.net/t/588030.aspx
November 4, 2009 at 8:37 pm
Wow, I had been taking completely the wrong approach with this one.
Start (i.e. the bottom left hand corner of desktop Start) - Search - For People - set "Look in" drop-down to 'Active Directory' - select "Advanced" tab - put a bit of the name of the User group I'm after in the "Name contains" area - select Find Now and then select it and hit Properties.
Everything I was after! 😀
November 5, 2009 at 11:27 am
PowerShell will be the easiest way out..use WMI, Win32_NTdomain class..
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply