4

我想知道所有有权访问对称密钥的用户以及他们拥有的访问类型。你能告诉我我该怎么做吗?

4

3 回答 3

4

也许这个查询可以帮助:

select u.name, p.permission_name, p.class_desc, 
    object_name(p.major_id) ObjectName, state_desc 
from sys.database_permissions  p join sys.database_principals u
on p.grantee_principal_id = u.principal_id
where class_desc = 'SYMMETRIC_KEYS'
于 2014-06-13T18:40:21.210 回答
4

上面的答案实际上并不反映对象名称,请考虑这个:

select
      [database] = db_name()
    , u.name
    , p.permission_name
    , p.class
    , p.class_desc
    , ObjectNameForObjectORColumn
        = object_name(p.major_id) 
    , objectNameActual
        = case class_desc
            when 'SYMMETRIC_KEYS' then sm.name              
            when 'CERTIFICATE' then [cert].name             
      end
    , state_desc 
from sys.database_permissions  p 
inner join sys.database_principals u
    on p.grantee_principal_id = u.principal_id
left outer join sys.symmetric_keys sm
    on p.major_id = sm.symmetric_key_id
    and p.class_desc = 'SYMMETRIC_KEYS'
left outer join sys.certificates [cert]
    on p.major_id = [cert].[certificate_id]
    and p.class_desc = 'CERTIFICATE'
where class_desc in('SYMMETRIC_KEYS', 'CERTIFICATE')
order by u.name

更多在这里https://danieladeniji.wordpress.com/2015/10/09/sql-server-list-permissions-for-user/

于 2015-10-15T18:43:48.603 回答
0

这个改进的查询提供了当前数据库的名称,以避免错误。此外,如果您使用的是 SYMMETRIC KEYS,通常您也在使用 CERTIFICATES,这就是为什么查看 CERTIFICATE 权限也是一个不错的选择:

select db_name(), u.name, p.permission_name, p.class_desc, 
    object_name(p.major_id) ObjectName, state_desc 
from sys.database_permissions  p join sys.database_principals u
    on p.grantee_principal_id = u.principal_id
    where class_desc in('SYMMETRIC_KEYS', 'CERTIFICATE')
order by u.name
于 2015-10-09T21:38:34.863 回答