dbatools

0.9.18

functions/Get-DbaDatabaseUser.ps1

                                Function Get-DbaDatabaseUser {

    <#

.SYNOPSIS

Gets database users

.DESCRIPTION

Gets database users

.PARAMETER SqlInstance

The target SQL Server instance(s)

.PARAMETER SqlCredential

Allows you to login to SQL Server using alternative credentials

.PARAMETER Database

To get users from specific database(s)

.PARAMETER ExcludeDatabase

The database(s) to exclude - this list is auto populated from the server

.PARAMETER ExcludeSystemUser

This switch removes all system objects from the user collection

.PARAMETER Silent

Use this switch to disable any kind of verbose messages

.NOTES

Tags: security, Databases

Author: Klaas Vandenberghe ( @PowerDbaKlaas )

Website: https://dbatools.io

Copyright: (C) Chrissy LeMaire, clemaire@gmail.com

License: GNU GPL v3 https://opensource.org/licenses/GPL-3.0

.EXAMPLE

Get-DbaDatabaseUser -SqlInstance sql2016

Gets all database users

.EXAMPLE

Get-DbaDatabaseUser -SqlInstance Server1 -Database db1

Gets the users for the db1 database

.EXAMPLE

Get-DbaDatabaseUser -SqlInstance Server1 -ExcludeDatabase db1

Gets the users for all databases except db1

.EXAMPLE

Get-DbaDatabaseUser -SqlInstance Server1 -ExcludeSystemUser

Gets the users for all databases that are not system objects, like 'dbo', 'guest' or 'INFORMATION_SCHEMA'

.EXAMPLE

'Sql1','Sql2/sqlexpress' | Get-DbaDatabaseUser

Gets the users for the databases on Sql1 and Sql2/sqlexpress

#>

    [CmdletBinding()]

    param (

        [parameter(Mandatory, ValueFromPipeline)]

        [Alias("ServerInstance", "SqlServer")]

        [DbaInstanceParameter[]]$SqlInstance,

        [PSCredential]$SqlCredential,

        [object[]]$Database,

        [object[]]$ExcludeDatabase,

        [switch]$ExcludeSystemUser,

        [switch]$Silent

    )

    process {

        foreach ($instance in $SqlInstance) {

            try {

                Write-Message -Level Verbose -Message "Connecting to $instance"

                $server = Connect-SqlInstance -SqlInstance $instance -SqlCredential $sqlcredential

            }

            catch {

                Stop-Function -Message "Failure" -Category ConnectionError -ErrorRecord $_ -Target $instance -Continue

            }

            $databases = $server.Databases

            if ($Database) {

                $databases = $databases | Where-Object Name -In $Database

            }

            if ($ExcludeDatabase) {

                $databases = $databases | Where-Object Name -NotIn $ExcludeDatabase

            }

            foreach ($db in $databases) {

                if (!$db.IsAccessible) {

                    Write-Message -Level Warning -Message "Database $db is not accessible. Skipping."

                    continue

                }

                $users = $db.users

                if (!$users) {

                    Write-Message -Message "No users exist in the $db database on $instance" -Target $db -Level Verbose

                    continue

                }

                if (Test-Bound -ParameterName ExcludeSystemUser) {

                    $users = $users | Where-Object { $_.IsSystemObject -eq $false }

                }

                $users | foreach {

                Add-Member -Force -InputObject $_ -MemberType NoteProperty -Name ComputerName -value $server.NetName

                Add-Member -Force -InputObject $_ -MemberType NoteProperty -Name InstanceName -value $server.ServiceName

                Add-Member -Force -InputObject $_ -MemberType NoteProperty -Name SqlInstance -value $server.DomainInstanceName

                Add-Member -Force -InputObject $_ -MemberType NoteProperty -Name Database -value $db.Name

                Select-DefaultView -InputObject $_ -Property ComputerName, InstanceName, SqlInstance, Database, CreateDate, DateLastModified, Name, Login, LoginType, AuthenticationType, State, HasDbAccess, DefaultSchema

                }

            }

        }

    }

}