I’ve a developer that simply unintentionally ran an UPDATE and ALTER TABLE script he was engaged on in a manufacturing database as an alternative of the event setting.
How can I monitor down what safety group allowed such a conduct? I’ve the AD login used, in addition to the goal database.
I might go the great distance round, trying into each single AD group and sub-group this consumer is a member of, and test for each if it grants some type of safety in my SQL server. However it’ll take hours. And that may solely cowl one consumer out of a dozen.
I want to monitor permissions (apart from READ or VIEW DEFINITION), and their AD members. Both deciding on an AD consumer and look by way of what they’ve entry to, or the opposite approach round, deciding on a database and getting everybody that has entry to to it (and the way).
I can deal with a PowerShell resolution too if somebody has some code to share (PS beginner).