< Back
Repair-DbaDbOrphanUser
Post
NAME Repair-DbaDbOrphanUser
SYNOPSIS
Finds orphan users with existing login and remaps them.
SYNTAX
Repair-DbaDbOrphanUser [-SqlInstance] <Sqlcollaborative.Dbatools.Parameter.DbaInstanceParameter[]>
[[-SqlCredential] <Pscredential>] [[-Database] <System.Object[]>] [[-ExcludeDatabase] <System.Object[]>] [[-Users]
<System.Object[]>] [-RemoveNotExisting <Switch>] [-Force <Switch>] [-EnableException <Switch>] [<CommonParameters>]
DESCRIPTION
An orphan user is defined by a user that does not have a matching login (Login property = "").
If the matching login exists it must be:
Enabled
Not a system object
Not locked
Have the same name that user
You can drop users that does not have their matching login by specifying the parameter -RemoveNotExisting.
PARAMETERS
-Database [<System.Object[]>]
Specifies the database(s) to process. Options for this list are auto-populated from the server. If
unspecified, all databases will be processed.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-EnableException [<Switch>]
By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message.
This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables
advanced scripting.
Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own
try/catch.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-ExcludeDatabase [<System.Object[]>]
Specifies the database(s) to exclude from processing. Options for this list are auto-populated from the server
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Force [<Switch>]
Forces alter schema to dbo owner so users can be dropped.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-RemoveNotExisting [<Switch>]
If this switch is enabled, all users that do not have a matching login will be dropped from the database.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-SqlCredential [<Pscredential>]
Login to the target instance using alternative credentials. Accepts PowerShell credentials (Get-Credential).
Windows Authentication, SQL Server Authentication, Active Directory - Password, and Active Directory -
Integrated are all supported.
For MFA support, please use Connect-DbaInstance.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-SqlInstance [<Sqlcollaborative.Dbatools.Parameter.DbaInstanceParameter[]>]
The target SQL Server instance or instances.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Users [<System.Object[]>]
Specifies the list of usernames to repair.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
NOTES
Tags: Orphan
Author: Claudio Silva (@ClaudioESSilva) | Simone Bizzotto (@niphlod)
Website: https://dbatools.io
Copyright: (c) 2018 by dbatools, licensed under MIT
License: MIT https://opensource.org/licenses/MIT
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>Repair-DbaDbOrphanUser -SqlInstance sql2005
Finds and repairs all orphan users of all databases present on server 'sql2005'
-------------------------- EXAMPLE 2 --------------------------
PS C:\\>Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -SqlCredential $cred
Finds and repair all orphan users in all databases present on server 'sqlserver2014a'. SQL credentials are used to
authenticate to the server.
-------------------------- EXAMPLE 3 --------------------------
PS C:\\>Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -Database db1, db2
Finds and repairs all orphan users in both db1 and db2 databases.
-------------------------- EXAMPLE 4 --------------------------
PS C:\\>Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -Database db1 -Users OrphanUser
Finds and repairs user 'OrphanUser' in 'db1' database.
-------------------------- EXAMPLE 5 --------------------------
PS C:\\>Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -Users OrphanUser
Finds and repairs user 'OrphanUser' on all databases
-------------------------- EXAMPLE 6 --------------------------
PS C:\\>Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -RemoveNotExisting
Finds all orphan users of all databases present on server 'sqlserver2014a'. Removes all users that do not have
matching Logins.
RELATED LINKS
https://dbatools.io/Repair-DbaDbOrphanUser
SYNOPSIS
Finds orphan users with existing login and remaps them.
SYNTAX
Repair-DbaDbOrphanUser [-SqlInstance] <Sqlcollaborative.Dbatools.Parameter.DbaInstanceParameter[]>
[[-SqlCredential] <Pscredential>] [[-Database] <System.Object[]>] [[-ExcludeDatabase] <System.Object[]>] [[-Users]
<System.Object[]>] [-RemoveNotExisting <Switch>] [-Force <Switch>] [-EnableException <Switch>] [<CommonParameters>]
DESCRIPTION
An orphan user is defined by a user that does not have a matching login (Login property = "").
If the matching login exists it must be:
Enabled
Not a system object
Not locked
Have the same name that user
You can drop users that does not have their matching login by specifying the parameter -RemoveNotExisting.
PARAMETERS
-Database [<System.Object[]>]
Specifies the database(s) to process. Options for this list are auto-populated from the server. If
unspecified, all databases will be processed.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-EnableException [<Switch>]
By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message.
This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables
advanced scripting.
Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own
try/catch.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-ExcludeDatabase [<System.Object[]>]
Specifies the database(s) to exclude from processing. Options for this list are auto-populated from the server
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Force [<Switch>]
Forces alter schema to dbo owner so users can be dropped.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-RemoveNotExisting [<Switch>]
If this switch is enabled, all users that do not have a matching login will be dropped from the database.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-SqlCredential [<Pscredential>]
Login to the target instance using alternative credentials. Accepts PowerShell credentials (Get-Credential).
Windows Authentication, SQL Server Authentication, Active Directory - Password, and Active Directory -
Integrated are all supported.
For MFA support, please use Connect-DbaInstance.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-SqlInstance [<Sqlcollaborative.Dbatools.Parameter.DbaInstanceParameter[]>]
The target SQL Server instance or instances.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
-Users [<System.Object[]>]
Specifies the list of usernames to repair.
Required? false
Position? named
Default value
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
NOTES
Tags: Orphan
Author: Claudio Silva (@ClaudioESSilva) | Simone Bizzotto (@niphlod)
Website: https://dbatools.io
Copyright: (c) 2018 by dbatools, licensed under MIT
License: MIT https://opensource.org/licenses/MIT
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>Repair-DbaDbOrphanUser -SqlInstance sql2005
Finds and repairs all orphan users of all databases present on server 'sql2005'
-------------------------- EXAMPLE 2 --------------------------
PS C:\\>Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -SqlCredential $cred
Finds and repair all orphan users in all databases present on server 'sqlserver2014a'. SQL credentials are used to
authenticate to the server.
-------------------------- EXAMPLE 3 --------------------------
PS C:\\>Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -Database db1, db2
Finds and repairs all orphan users in both db1 and db2 databases.
-------------------------- EXAMPLE 4 --------------------------
PS C:\\>Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -Database db1 -Users OrphanUser
Finds and repairs user 'OrphanUser' in 'db1' database.
-------------------------- EXAMPLE 5 --------------------------
PS C:\\>Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -Users OrphanUser
Finds and repairs user 'OrphanUser' on all databases
-------------------------- EXAMPLE 6 --------------------------
PS C:\\>Repair-DbaDbOrphanUser -SqlInstance sqlserver2014a -RemoveNotExisting
Finds all orphan users of all databases present on server 'sqlserver2014a'. Removes all users that do not have
matching Logins.
RELATED LINKS
https://dbatools.io/Repair-DbaDbOrphanUser