Get‑SqlDscServerPermission - dsccommunity/SqlServerDsc GitHub Wiki

Returns the current permissions for a SQL Server login or server role.

Get-SqlDscServerPermission -ServerObject <Server> -Name <String> [-PrincipalType <String[]>]
 [<CommonParameters>]

Get-SqlDscServerPermission -Login <Login> [<CommonParameters>]

Get-SqlDscServerPermission -ServerRole <ServerRole> [<CommonParameters>]

Returns the current permissions for a SQL Server login or server role. The command can retrieve permissions for both user-defined and built-in server principals including SQL Server logins and server roles.

The command supports two modes of operation: 1. By name: Specify ServerObject, Name, and optionally PrincipalType 2. By object: Pass Login or ServerRole objects via pipeline

$serverInstance = Connect-SqlDscDatabaseEngine
Get-SqlDscServerPermission -ServerObject $serverInstance -Name 'MyPrincipal'

Get the permissions for the principal 'MyPrincipal'.

$serverInstance = Connect-SqlDscDatabaseEngine
Get-SqlDscServerPermission -ServerObject $serverInstance -Name 'sysadmin'

Get the permissions for the server role 'sysadmin'.

$serverInstance = Connect-SqlDscDatabaseEngine
Get-SqlDscServerPermission -ServerObject $serverInstance -Name 'MyLogin' -PrincipalType 'Login'

Get the permissions for the login 'MyLogin', only checking if it exists as a login.

$serverInstance = Connect-SqlDscDatabaseEngine
Get-SqlDscServerPermission -ServerObject $serverInstance -Name 'MyRole' -PrincipalType 'Role'

Get the permissions for the server role 'MyRole', only checking if it exists as a role.

$serverInstance = Connect-SqlDscDatabaseEngine
$login = $serverInstance | Get-SqlDscLogin -Name 'MyLogin'

Get-SqlDscServerPermission -Login $login

Get the permissions for the login 'MyLogin' using a Login object.

$serverInstance = Connect-SqlDscDatabaseEngine
$role = $serverInstance | Get-SqlDscRole -Name 'MyRole'

$role | Get-SqlDscServerPermission

Get the permissions for the server role 'MyRole' using a ServerRole object from the pipeline.

$serverInstance = Connect-SqlDscDatabaseEngine

$serverInstance | Get-SqlDscLogin | Get-SqlDscServerPermission

Get the permissions for all logins from the pipeline.

Specifies the Login object for which the permissions are returned. This parameter accepts pipeline input.

Type: Login
Parameter Sets: Login
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False

Specifies the name of the SQL Server login or server role for which the permissions are returned. This parameter is used in the default parameter set for backward compatibility.

Type: String
Parameter Sets: ByName
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

Specifies the type(s) of principal to check. Valid values are 'Login' and 'Role'. If not specified, both login and role checks will be performed. If specified, only the specified type(s) will be checked. This parameter is used in the default parameter set for backward compatibility.

Type: String[]
Parameter Sets: ByName
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

Specifies current server connection object. This parameter is used in the default parameter set for backward compatibility.

Type: Server
Parameter Sets: ByName
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False

Specifies the ServerRole object for which the permissions are returned. This parameter accepts pipeline input.

Type: ServerRole
Parameter Sets: ServerRole
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

If specifying -ErrorAction 'SilentlyContinue' then the command will silently ignore if the principal (parameter Name) is not present. In such case the command will return $null. If specifying -ErrorAction 'Stop' the command will throw an error if the principal is missing.

The Login or ServerRole object must come from the same SQL Server instance where the permissions will be retrieved.