May 22, 2011 at 5:30 pm
Trying to clean up logins. There are a lot of single logins. Want to create groups i.e admin, read-only, app, dev, qa and eliminate the single logins. How can this be done with minimum admin work?
Appreciate any help in this .
Thanks
SVR
May 22, 2011 at 7:01 pm
What I would do is create a server side trace - or login trigger to capture logins. Review the logins and disable any logins that have not accessed the server in say 90 days. After 120 days, remove any logins that have not accessed the server.
Jeffrey Williams
“We are all faced with a series of great opportunities brilliantly disguised as impossible situations.”
― Charles R. Swindoll
How to post questions to get better answers faster
Managing Transaction Logs
May 23, 2011 at 7:05 am
Thank you very much.
Can you suggest any ways that I can use to group the remaining logins.
May 23, 2011 at 10:13 am
SVR (5/23/2011)
Thank you very much.Can you suggest any ways that I can use to group the remaining logins.
I am not sure what you are asking here - if you are asking about how you can create groups and put the logins into those groups, that is something you have to determine. I have no way of knowing how you would group the logins.
Jeffrey Williams
“We are all faced with a series of great opportunities brilliantly disguised as impossible situations.”
― Charles R. Swindoll
How to post questions to get better answers faster
Managing Transaction Logs
June 2, 2011 at 5:36 am
We also use a logon trigger to catch all logins to table and cleanup after xx days.
Orphaned sql logins just get deleted. As for network accounts, I use a powershell script to list all my SQL Windows logins and then compare this with our Act.Dir. If corresponding AD account is not found, it gets deleted on SQL svr.
rgds
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply