Database Owners, role memberships and critical permissions

Here, I am providing a T-SQL Script which Identifies the respective database owners of all databases Detects invalid/missing database owners Indicates whether the owner directly possesses security-critical system-wide rights Indicates membership in high privilege Server Roles –

 
 
 
 
 
5 Star
(6)
1,947 times
Add to favorites
Databases
3/26/2014
E-mail Twitter del.icio.us Digg Facebook
Sign in to ask a question


  • Please describe risk in the data
    1 Posts | Last post May 12, 2016
    • 
      I have executed the attached query: can you please describe the risk in the result below;
      
      DB#	is_trustworthy	db_chaining_on	x_dbc	db_owner_valid	external_owner	login_permission	server_role_membership	role_permission	*internal details:	*Database_Name	*External_Owner	*Custom_Role_Name
      db_1	0	1	0	valid	sa	NULL	sysadmin (!)	NULL	|*cut here|	master	old_sa_sa	NULL
      db_2	0	1	0	valid	sa	NULL	sysadmin (!)	NULL	|*cut here|	tempdb	old_sa_sa	NULL
      db_3	0	0	0	valid	sa	NULL	sysadmin (!)	NULL	|*cut here|	model	old_sa_sa	NULL
      db_4	1	1	0	valid	sa	NULL	sysadmin (!)	NULL	|*cut here|	****	old_sa_sa	NULL
      db_5	0	0	0	valid	other account	NULL	sysadmin (!)	NULL	|*cut here|	****	****\Administrator	NULL
      db_6	0	0	0	valid	other account	NULL	sysadmin (!)	NULL	|*cut here|	****	****\Administrator	NULL
      db_7	0	0	0	not valid (!)	other account	NULL	sysadmin (!)	NULL	|*cut here|	****	****\Administrator	NULL
      db_8	0	0	0	valid	other account	NULL	sysadmin (!)	NULL	|*cut here|	****	****\Administrator	NULL
      db_9	0	0	0	not valid (!)	other account	NULL	sysadmin (!)	NULL	|*cut here|	****	****\Administrator	NULL
      db_10	0	0	0	valid	other account	NULL	sysadmin (!)	NULL	|*cut here|	****	****\Administrator	NULL
      db_11	0	0	0	not valid (!)	other account	NULL	sysadmin (!)	NULL	|*cut here|	****	****\Administrator	NULL
      db_12	0	0	0	valid	other account	NULL	sysadmin (!)	NULL	|*cut here|	****	****\Administrator	NULL
      db_13	0	0	0	not valid (!)	other account	NULL	sysadmin (!)	NULL	|*cut here|	****	****\Administrator	NULL
      db_14	0	0	0	not valid (!)	other account	NULL	sysadmin (!)	NULL	|*cut here|	****	****\Administrator	NULL
      db_15	0	0	0	valid	other account	NULL	sysadmin (!)	NULL	|*cut here|	****	****\Administrator	NULL
      
  • What is risk of dbowner is invalid
    1 Posts | Last post May 12, 2016
    • what is the risk if dbowner is not valid and how to set the db owner of particular database?
  • USeful
    1 Posts | Last post May 09, 2015
    • good