像SSMS一样获取Linked Servers的安全配置
Get the security configuration of Linked Servers out like SSMS
我需要查询链接服务器的列表,并确保它们的安全设置都已打开 对于上面列表中未定义的登录,连接将:'Not be maid'(第一个单选选项)。
碰巧每个选项都是众多字段的扭曲组合。
-- Representation of Linked Server GUI
-- {3} represent the third option on the GUI:Be made using the login's current security context
-- This way you can filter out some configuration that are considered too loose security wise.
use master
go
select l.server_id, s.name
, case
when l.uses_self_credential = 0 and p.name is not null then 'top: Local server login to remote server login mapping'
when l.uses_self_credential = 1 and p.name is not null then 'top: Local server login to impersonate'
when l.uses_self_credential = 0 and l.remote_name = '' then '{2} Be made without using a security context'
when l.uses_self_credential = 1 and l.remote_name is null then '{3} Be made using the login''s current security context'
when l.uses_self_credential = 0 and l.remote_name is not null then '{4} Be made using this security context'
end as detail
, l.uses_self_credential, p.name as local_name, l.remote_name, l.modify_date
from sys.linked_logins l
join sys.servers s on s.server_id = l.server_id
left join sys.server_principals p on p.principal_id = l.local_principal_id
union all
select server_id, name, '{1} Not be made',0 ,null , null, null
from sys.servers
where server_id not in(select server_id from sys.linked_logins where local_principal_id = 0)
order by name
我需要查询链接服务器的列表,并确保它们的安全设置都已打开 对于上面列表中未定义的登录,连接将:'Not be maid'(第一个单选选项)。
碰巧每个选项都是众多字段的扭曲组合。
-- Representation of Linked Server GUI
-- {3} represent the third option on the GUI:Be made using the login's current security context
-- This way you can filter out some configuration that are considered too loose security wise.
use master
go
select l.server_id, s.name
, case
when l.uses_self_credential = 0 and p.name is not null then 'top: Local server login to remote server login mapping'
when l.uses_self_credential = 1 and p.name is not null then 'top: Local server login to impersonate'
when l.uses_self_credential = 0 and l.remote_name = '' then '{2} Be made without using a security context'
when l.uses_self_credential = 1 and l.remote_name is null then '{3} Be made using the login''s current security context'
when l.uses_self_credential = 0 and l.remote_name is not null then '{4} Be made using this security context'
end as detail
, l.uses_self_credential, p.name as local_name, l.remote_name, l.modify_date
from sys.linked_logins l
join sys.servers s on s.server_id = l.server_id
left join sys.server_principals p on p.principal_id = l.local_principal_id
union all
select server_id, name, '{1} Not be made',0 ,null , null, null
from sys.servers
where server_id not in(select server_id from sys.linked_logins where local_principal_id = 0)
order by name